CVE-2016-5195 (Dirty COW)

CVSS v3.1: 7 (High)
CVSS v2.0: 7.2 (High)
EPSS: 81.66 % (98th)
Affected Products: 18
Advisories: 54
NVD Status: Analyzed

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Alias
Related CVEs
CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: Chrome
Published Date: 2016-11-10 21:59:00 (7 years ago)
Updated Date: 2024-07-24 14:27:14 (6 weeks ago)
Linux Kernel Race Condition Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description: Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
Required Action: Apply updates per vendor instructions.
Known to be Used in Ransomware Campaigns: Unknown
Vendor: Linux
Product: Kernel
In CISA Catalog from: 2022-03-03 (2 years ago)
Due Date: 2022-03-24 (2 years ago)

Affected Products


Configuration #1

    Product  CPE23  From  Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm
  Canonical Ubuntu Linux 16.10 cpe:2.3:o:canonical:ubuntu_linux:16.10

Configuration #2

    Product  CPE23  From  Up To
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 2.6.22  < 3.2.83
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.3  < 3.4.113
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.5  < 3.10.104
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.11  < 3.12.66
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.13  < 3.16.38
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.17  < 3.18.44
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 3.19  < 4.1.35
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.2  < 4.4.26
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.5  < 4.7.9
  Linux Kernel  cpe:2.3:o:linux:linux_kernel  >= 4.8  < 4.8.3

Configuration #3

    Product  CPE23  From  Up To
  Redhat Enterprise Linux 5 cpe:2.3:o:redhat:enterprise_linux:5
  Redhat Enterprise Linux 6.0 cpe:2.3:o:redhat:enterprise_linux:6.0
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux Aus 6.2 cpe:2.3:o:redhat:enterprise_linux_aus:6.2
  Redhat Enterprise Linux Aus 6.4 cpe:2.3:o:redhat:enterprise_linux_aus:6.4
  Redhat Enterprise Linux Aus 6.5 cpe:2.3:o:redhat:enterprise_linux_aus:6.5
  Redhat Enterprise Linux Eus 6.6 cpe:2.3:o:redhat:enterprise_linux_eus:6.6
  Redhat Enterprise Linux Eus 6.7 cpe:2.3:o:redhat:enterprise_linux_eus:6.7
  Redhat Enterprise Linux Eus 7.1 cpe:2.3:o:redhat:enterprise_linux_eus:7.1
  Redhat Enterprise Linux Long Life 5.6 cpe:2.3:o:redhat:enterprise_linux_long_life:5.6
  Redhat Enterprise Linux Long Life 5.9 cpe:2.3:o:redhat:enterprise_linux_long_life:5.9
  Redhat Enterprise Linux Tus 6.5 cpe:2.3:o:redhat:enterprise_linux_tus:6.5

Configuration #4

    Product  CPE23  From  Up To
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0

Configuration #5

    Product  CPE23  From  Up To
  Fedoraproject Fedora 23 cpe:2.3:o:fedoraproject:fedora:23
  Fedoraproject Fedora 24 cpe:2.3:o:fedoraproject:fedora:24
  Fedoraproject Fedora 25 cpe:2.3:o:fedoraproject:fedora:25

Configuration #6

    Product  CPE23  From  Up To
  Paloaltonetworks Pan-os  cpe:2.3:o:paloaltonetworks:pan-os  >= 5.1  < 7.0.14
  Paloaltonetworks Pan-os  cpe:2.3:o:paloaltonetworks:pan-os  >= 7.1.0  < 7.1.8

Configuration #7

    Product  CPE23  From  Up To
  Netapp Cloud Backup cpe:2.3:a:netapp:cloud_backup:-
  Netapp Hci Storage Nodes cpe:2.3:a:netapp:hci_storage_nodes:-
  Netapp Oncommand Balance cpe:2.3:a:netapp:oncommand_balance:-
  Netapp Oncommand Performance Manager cpe:2.3:a:netapp:oncommand_performance_manager:-
  Netapp Oncommand Unified Manager for Clustered Data Ontap cpe:2.3:a:netapp:oncommand_unified_manager_for_clustered_data_ontap:-
  Netapp Ontap Select Deploy Administration Utility cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-
  Netapp Snapprotect cpe:2.3:a:netapp:snapprotect:-
  Netapp Solidfire cpe:2.3:a:netapp:solidfire:-