Action not permitted
Modal body text goes here.
Modal Title
Modal Body
suse-su-2016:2633-1
Vulnerability from csaf_suse
Published
2016-10-25 21:18
Modified
2016-10-25 21:18
Summary
Security update for Linux Kernel Live Patch 11 for SLE 12
Notes
Title of the patch
Security update for Linux Kernel Live Patch 11 for SLE 12
Description of the patch
This update for the Linux Kernel 3.12.51-52_39 fixes several issues.
The following security bugs were fixed:
- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004419).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bsc#986377).
Patchnames
SUSE-SLE-SAP-12-2016-1548,SUSE-SLE-SERVER-12-2016-1548
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 11 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.51-52_39 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004419).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bsc#986377).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1548,SUSE-SLE-SERVER-12-2016-1548",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2633-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2633-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162633-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2633-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-October/002357.html"
},
{
"category": "self",
"summary": "SUSE Bug 1004419",
"url": "https://bugzilla.suse.com/1004419"
},
{
"category": "self",
"summary": "SUSE Bug 986377",
"url": "https://bugzilla.suse.com/986377"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4997 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5195 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5195/"
}
],
"title": "Security update for Linux Kernel Live Patch 11 for SLE 12",
"tracking": {
"current_release_date": "2016-10-25T21:18:09Z",
"generator": {
"date": "2016-10-25T21:18:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2633-1",
"initial_release_date": "2016-10-25T21:18:09Z",
"revision_history": [
{
"date": "2016-10-25T21:18:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4997"
}
],
"notes": [
{
"category": "general",
"text": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4997",
"url": "https://www.suse.com/security/cve/CVE-2016-4997"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986377"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-25T21:18:09Z",
"details": "important"
}
],
"title": "CVE-2016-4997"
},
{
"cve": "CVE-2016-5195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5195"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5195",
"url": "https://www.suse.com/security/cve/CVE-2016-5195"
},
{
"category": "external",
"summary": "SUSE Bug 1004418 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004418"
},
{
"category": "external",
"summary": "SUSE Bug 1004419 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004419"
},
{
"category": "external",
"summary": "SUSE Bug 1004436 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004436"
},
{
"category": "external",
"summary": "SUSE Bug 1006323 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1006323"
},
{
"category": "external",
"summary": "SUSE Bug 1006695 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1006695"
},
{
"category": "external",
"summary": "SUSE Bug 1007291 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1007291"
},
{
"category": "external",
"summary": "SUSE Bug 1008110 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1008110"
},
{
"category": "external",
"summary": "SUSE Bug 1030118 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1030118"
},
{
"category": "external",
"summary": "SUSE Bug 1046453 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1046453"
},
{
"category": "external",
"summary": "SUSE Bug 1069496 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1069496"
},
{
"category": "external",
"summary": "SUSE Bug 1149725 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1149725"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 986445 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/986445"
},
{
"category": "external",
"summary": "SUSE Bug 998689 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/998689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-5-2.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-5-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-10-25T21:18:09Z",
"details": "important"
}
],
"title": "CVE-2016-5195"
}
]
}
CVE-2016-5195 (GCVE-0-2016-5195)
Vulnerability from cvelistv5
Published
2016-11-10 21:00
Modified
2025-07-30 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:48.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "40616",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40616/"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "40839",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40839/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dirtycow.ninja"
},
{
"name": "40847",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40847/"
},
{
"name": "RHSA-2016:2118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"
},
{
"name": "RHSA-2016:2128",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "RHSA-2016:2120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"
},
{
"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"
},
{
"name": "RHSA-2016:2133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
},
{
"name": "RHSA-2016:2098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03761en_us"
},
{
"name": "VU#243144",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/243144"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"
},
{
"name": "1037078",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037078"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03722en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20161025-0001/"
},
{
"name": "93793",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93793"
},
{
"name": "RHSA-2016:2127",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03742en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/2706661"
},
{
"name": "RHSA-2016:2106",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"name": "40611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40611/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2016-5195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
},
{
"name": "RHSA-2016:2124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"
},
{
"name": "RHSA-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"
},
{
"name": "RHSA-2016:2126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"
},
{
"name": "RHSA-2016:2132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03707en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10176"
},
{
"name": "SUSE-SU-2016:2635",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"
},
{
"name": "SUSE-SU-2016:2659",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"
},
{
"name": "[oss-security] 20161027 CVE-2016-5195 test case",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"
},
{
"name": "USN-3106-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3106-2"
},
{
"name": "openSUSE-SU-2016:2583",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"
},
{
"name": "SUSE-SU-2016:2633",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"
},
{
"name": "SUSE-SU-2016:2638",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"
},
{
"name": "openSUSE-SU-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"
},
{
"name": "SUSE-SU-2016:2658",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"
},
{
"name": "SUSE-SU-2016:2631",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"
},
{
"name": "USN-3106-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3106-3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05352241"
},
{
"name": "SUSE-SU-2016:2655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"
},
{
"name": "FEDORA-2016-c3558808cd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2637",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"
},
{
"name": "SUSE-SU-2016:2596",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"
},
{
"name": "SUSE-SU-2016:2634",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"
},
{
"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"
},
{
"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10177"
},
{
"name": "SUSE-SU-2016:2657",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"
},
{
"name": "SUSE-SU-2016:2614",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"
},
{
"name": "USN-3105-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3105-2"
},
{
"name": "USN-3107-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3107-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774"
},
{
"name": "USN-3107-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3107-2"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"
},
{
"name": "openSUSE-SU-2016:2625",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"
},
{
"name": "USN-3106-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3106-1"
},
{
"name": "USN-3106-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3106-4"
},
{
"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2673",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"
},
{
"name": "USN-3104-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3104-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-063"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10807"
},
{
"name": "SUSE-SU-2016:2629",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2632",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"
},
{
"name": "USN-3105-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3105-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"
},
{
"name": "SUSE-SU-2016:2630",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"
},
{
"name": "FEDORA-2016-db4b75b352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"
},
{
"name": "FEDORA-2016-c8a0c7eece",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"
},
{
"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"
},
{
"name": "SUSE-SU-2016:2636",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"
},
{
"name": "SUSE-SU-2016:3069",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10222"
},
{
"name": "DSA-3696",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3696"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"
},
{
"name": "SUSE-SU-2016:2592",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"
},
{
"name": "USN-3104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3104-1"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2593",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"
},
{
"name": "SUSE-SU-2016:3304",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"
},
{
"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2585",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"
},
{
"name": "openSUSE-SU-2016:2649",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2016-5195"
},
{
"name": "openSUSE-SU-2020:0554",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"
},
{
"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"
},
{
"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"
},
{
"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"
},
{
"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2016-5195",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:18:38.253279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-5195"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:46:34.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00+00:00",
"value": "CVE-2016-5195 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-15T11:06:10.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "40616",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40616/"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "40839",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40839/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dirtycow.ninja"
},
{
"name": "40847",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40847/"
},
{
"name": "RHSA-2016:2118",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"
},
{
"name": "RHSA-2016:2128",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "RHSA-2016:2120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"
},
{
"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"
},
{
"name": "RHSA-2016:2133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
},
{
"name": "RHSA-2016:2098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03761en_us"
},
{
"name": "VU#243144",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/243144"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"
},
{
"name": "1037078",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037078"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03722en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20161025-0001/"
},
{
"name": "93793",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93793"
},
{
"name": "RHSA-2016:2127",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03742en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/2706661"
},
{
"name": "RHSA-2016:2106",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"name": "40611",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40611/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/cve/cve-2016-5195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
},
{
"name": "RHSA-2016:2124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"
},
{
"name": "RHSA-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"
},
{
"name": "RHSA-2016:2126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"
},
{
"name": "RHSA-2016:2132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03707en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10176"
},
{
"name": "SUSE-SU-2016:2635",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"
},
{
"name": "SUSE-SU-2016:2659",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"
},
{
"name": "[oss-security] 20161027 CVE-2016-5195 test case",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"
},
{
"name": "USN-3106-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3106-2"
},
{
"name": "openSUSE-SU-2016:2583",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"
},
{
"name": "SUSE-SU-2016:2633",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"
},
{
"name": "SUSE-SU-2016:2638",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"
},
{
"name": "openSUSE-SU-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"
},
{
"name": "SUSE-SU-2016:2658",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"
},
{
"name": "SUSE-SU-2016:2631",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"
},
{
"name": "USN-3106-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3106-3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05352241"
},
{
"name": "SUSE-SU-2016:2655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"
},
{
"name": "FEDORA-2016-c3558808cd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2637",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"
},
{
"name": "SUSE-SU-2016:2596",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"
},
{
"name": "SUSE-SU-2016:2634",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"
},
{
"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"
},
{
"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10177"
},
{
"name": "SUSE-SU-2016:2657",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"
},
{
"name": "SUSE-SU-2016:2614",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"
},
{
"name": "USN-3105-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3105-2"
},
{
"name": "USN-3107-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3107-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774"
},
{
"name": "USN-3107-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3107-2"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"
},
{
"name": "openSUSE-SU-2016:2625",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"
},
{
"name": "USN-3106-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3106-1"
},
{
"name": "USN-3106-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3106-4"
},
{
"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2673",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"
},
{
"name": "USN-3104-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3104-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://fortiguard.com/advisory/FG-IR-16-063"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10807"
},
{
"name": "SUSE-SU-2016:2629",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2632",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"
},
{
"name": "USN-3105-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3105-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"
},
{
"name": "SUSE-SU-2016:2630",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"
},
{
"name": "FEDORA-2016-db4b75b352",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"
},
{
"name": "FEDORA-2016-c8a0c7eece",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"
},
{
"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"
},
{
"name": "SUSE-SU-2016:2636",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"
},
{
"name": "SUSE-SU-2016:3069",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10222"
},
{
"name": "DSA-3696",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3696"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"
},
{
"name": "SUSE-SU-2016:2592",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"
},
{
"name": "USN-3104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3104-1"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2593",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"
},
{
"name": "SUSE-SU-2016:3304",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"
},
{
"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2585",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"
},
{
"name": "openSUSE-SU-2016:2649",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.paloaltonetworks.com/CVE-2016-5195"
},
{
"name": "openSUSE-SU-2020:0554",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"
},
{
"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"
},
{
"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"
},
{
"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"
},
{
"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2016-5195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2107",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "40616",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40616/"
},
{
"name": "RHSA-2017:0372",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa134",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "40839",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40839/"
},
{
"name": "https://dirtycow.ninja",
"refsource": "MISC",
"url": "https://dirtycow.ninja"
},
{
"name": "40847",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40847/"
},
{
"name": "RHSA-2016:2118",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"
},
{
"name": "RHSA-2016:2128",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
},
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "RHSA-2016:2120",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"
},
{
"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"
},
{
"name": "RHSA-2016:2133",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
},
{
"name": "RHSA-2016:2098",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03761en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03761en_us"
},
{
"name": "VU#243144",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/243144"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1004418",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"
},
{
"name": "1037078",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037078"
},
{
"name": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html",
"refsource": "CONFIRM",
"url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03722en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03722en_us"
},
{
"name": "https://security.netapp.com/advisory/ntap-20161025-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20161025-0001/"
},
{
"name": "93793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93793"
},
{
"name": "RHSA-2016:2127",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-5195",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"
},
{
"name": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs",
"refsource": "MISC",
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03742en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03742en_us"
},
{
"name": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
},
{
"name": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails",
"refsource": "MISC",
"url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/2706661",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/2706661"
},
{
"name": "RHSA-2016:2106",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
},
{
"name": "40611",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40611/"
},
{
"name": "https://access.redhat.com/security/cve/cve-2016-5195",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/cve-2016-5195"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
},
{
"name": "RHSA-2016:2124",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"
},
{
"name": "RHSA-2016:2105",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"
},
{
"name": "RHSA-2016:2126",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"
},
{
"name": "RHSA-2016:2132",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"
},
{
"name": "RHSA-2016:2110",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03707en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbgn03707en_us"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10176",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10176"
},
{
"name": "SUSE-SU-2016:2635",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"
},
{
"name": "SUSE-SU-2016:2659",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"
},
{
"name": "[oss-security] 20161027 CVE-2016-5195 test case",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"
},
{
"name": "USN-3106-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3106-2"
},
{
"name": "openSUSE-SU-2016:2583",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"
},
{
"name": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"
},
{
"name": "SUSE-SU-2016:2633",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"
},
{
"name": "SUSE-SU-2016:2638",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"
},
{
"name": "openSUSE-SU-2016:2584",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"
},
{
"name": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"
},
{
"name": "SUSE-SU-2016:2658",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"
},
{
"name": "SUSE-SU-2016:2631",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"
},
{
"name": "USN-3106-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3106-3"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05352241",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05352241"
},
{
"name": "SUSE-SU-2016:2655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"
},
{
"name": "FEDORA-2016-c3558808cd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2637",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"
},
{
"name": "SUSE-SU-2016:2596",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"
},
{
"name": "SUSE-SU-2016:2634",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"
},
{
"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"
},
{
"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10770",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10770"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10177",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10177"
},
{
"name": "SUSE-SU-2016:2657",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"
},
{
"name": "SUSE-SU-2016:2614",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"
},
{
"name": "USN-3105-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3105-2"
},
{
"name": "USN-3107-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3107-1"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10774"
},
{
"name": "USN-3107-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3107-2"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"
},
{
"name": "openSUSE-SU-2016:2625",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"
},
{
"name": "USN-3106-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3106-1"
},
{
"name": "USN-3106-4",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3106-4"
},
{
"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"
},
{
"name": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2673",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"
},
{
"name": "USN-3104-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3104-2"
},
{
"name": "http://fortiguard.com/advisory/FG-IR-16-063",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/FG-IR-16-063"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10807",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10807"
},
{
"name": "SUSE-SU-2016:2629",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"
},
{
"name": "SUSE-SU-2016:2632",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"
},
{
"name": "USN-3105-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3105-1"
},
{
"name": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"
},
{
"name": "SUSE-SU-2016:2630",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"
},
{
"name": "FEDORA-2016-db4b75b352",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"
},
{
"name": "FEDORA-2016-c8a0c7eece",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"
},
{
"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"
},
{
"name": "SUSE-SU-2016:2636",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"
},
{
"name": "SUSE-SU-2016:3069",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10222",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10222"
},
{
"name": "DSA-3696",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3696"
},
{
"name": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"
},
{
"name": "SUSE-SU-2016:2592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"
},
{
"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"
},
{
"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"
},
{
"name": "USN-3104-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3104-1"
},
{
"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2593",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"
},
{
"name": "SUSE-SU-2016:3304",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"
},
{
"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"
},
{
"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"
},
{
"name": "SUSE-SU-2016:2585",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"
},
{
"name": "openSUSE-SU-2016:2649",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"
},
{
"name": "https://security.paloaltonetworks.com/CVE-2016-5195",
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2016-5195"
},
{
"name": "openSUSE-SU-2020:0554",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"
},
{
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026",
"refsource": "MISC",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"
},
{
"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"
},
{
"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"
},
{
"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"
},
{
"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"
},
{
"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-5195",
"datePublished": "2016-11-10T21:00:00.000Z",
"dateReserved": "2016-05-31T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:46:34.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4997 (GCVE-0-2016-4997)
Vulnerability from cvelistv5
Published
2016-07-03 21:00
Modified
2024-08-06 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:2180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "SUSE-SU-2016:1709",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html"
},
{
"name": "USN-3017-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3017-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "USN-3017-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3017-3"
},
{
"name": "RHSA-2016:1847",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349722"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "USN-3018-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3018-2"
},
{
"name": "SUSE-SU-2016:2174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html"
},
{
"name": "USN-3017-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3017-2"
},
{
"name": "RHSA-2016:1875",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
},
{
"name": "USN-3019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3019-1"
},
{
"name": "SUSE-SU-2016:2018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "USN-3016-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3016-2"
},
{
"name": "USN-3016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3016-1"
},
{
"name": "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/24/5"
},
{
"name": "SUSE-SU-2016:2181",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html"
},
{
"name": "SUSE-SU-2016:2178",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html"
},
{
"name": "40435",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40435/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c"
},
{
"name": "USN-3018-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3018-1"
},
{
"name": "1036171",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036171"
},
{
"name": "40489",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40489/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"name": "SUSE-SU-2016:2177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html"
},
{
"name": "RHSA-2016:1883",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html"
},
{
"name": "SUSE-SU-2016:2179",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "USN-3016-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3016-3"
},
{
"name": "SUSE-SU-2016:1710",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html"
},
{
"name": "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/29/10"
},
{
"name": "USN-3016-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3016-4"
},
{
"name": "91451",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91451"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c"
},
{
"name": "USN-3020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3020-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2016:2180",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "SUSE-SU-2016:1709",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html"
},
{
"name": "USN-3017-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3017-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "USN-3017-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3017-3"
},
{
"name": "RHSA-2016:1847",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349722"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "USN-3018-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3018-2"
},
{
"name": "SUSE-SU-2016:2174",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html"
},
{
"name": "USN-3017-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3017-2"
},
{
"name": "RHSA-2016:1875",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
},
{
"name": "USN-3019-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3019-1"
},
{
"name": "SUSE-SU-2016:2018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "USN-3016-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3016-2"
},
{
"name": "USN-3016-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3016-1"
},
{
"name": "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/24/5"
},
{
"name": "SUSE-SU-2016:2181",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html"
},
{
"name": "SUSE-SU-2016:2178",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html"
},
{
"name": "40435",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40435/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c"
},
{
"name": "USN-3018-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3018-1"
},
{
"name": "1036171",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036171"
},
{
"name": "40489",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40489/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"name": "SUSE-SU-2016:2177",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html"
},
{
"name": "RHSA-2016:1883",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1883.html"
},
{
"name": "SUSE-SU-2016:2179",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "USN-3016-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3016-3"
},
{
"name": "SUSE-SU-2016:1710",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html"
},
{
"name": "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/29/10"
},
{
"name": "USN-3016-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3016-4"
},
{
"name": "91451",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91451"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c"
},
{
"name": "USN-3020-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3020-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4997",
"datePublished": "2016-07-03T21:00:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:40.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…