CVE-2016-5195
Linux Kernel Race Condition Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
32Exploited in Wild
YesDecision
Descriptions
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
La condición de carrera en mm / gup.c en el kernel de Linux 2.x a 4.x antes de 4.8.3 permite a los usuarios locales obtener privilegios aprovechando el manejo incorrecto de una función copy-on-write (COW) para escribir en un read- only la cartografía de la memoria, como explotados en la naturaleza en octubre de 2016, vulnerabilidad también conocida como "Dirty COW".
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-05-31 CVE Reserved
- 2016-10-20 CVE Published
- 2016-10-21 First Exploit
- 2022-03-03 Exploited in Wild
- 2022-03-24 KEV Due Date
- 2024-07-25 EPSS Updated
- 2024-08-06 CVE Updated
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (147)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | esm |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.10" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.22 < 3.2.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.22 < 3.2.83" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.113" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.10.104 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.104" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.11 < 3.12.66 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.66" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.13 < 3.16.38 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.16.38" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.17 < 3.18.44 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 3.18.44" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.19 < 4.1.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.35" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.2 < 4.4.26 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.26" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.7.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.7.9" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.8 < 4.8.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.8 < 4.8.3" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 5 Search vendor "Redhat" for product "Enterprise Linux" and version "5" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Aus Search vendor "Redhat" for product "Enterprise Linux Aus" | 6.2 Search vendor "Redhat" for product "Enterprise Linux Aus" and version "6.2" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Aus Search vendor "Redhat" for product "Enterprise Linux Aus" | 6.4 Search vendor "Redhat" for product "Enterprise Linux Aus" and version "6.4" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Aus Search vendor "Redhat" for product "Enterprise Linux Aus" | 6.5 Search vendor "Redhat" for product "Enterprise Linux Aus" and version "6.5" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 6.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "6.6" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 6.7 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "6.7" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 7.1 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "7.1" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Long Life Search vendor "Redhat" for product "Enterprise Linux Long Life" | 5.6 Search vendor "Redhat" for product "Enterprise Linux Long Life" and version "5.6" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Long Life Search vendor "Redhat" for product "Enterprise Linux Long Life" | 5.9 Search vendor "Redhat" for product "Enterprise Linux Long Life" and version "5.9" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Tus Search vendor "Redhat" for product "Enterprise Linux Tus" | 6.5 Search vendor "Redhat" for product "Enterprise Linux Tus" and version "6.5" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 23 Search vendor "Fedoraproject" for product "Fedora" and version "23" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 24 Search vendor "Fedoraproject" for product "Fedora" and version "24" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 25 Search vendor "Fedoraproject" for product "Fedora" and version "25" | - |
Affected
| ||||||
Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | >= 5.1 < 7.0.14 Search vendor "Paloaltonetworks" for product "Pan-os" and version " >= 5.1 < 7.0.14" | - |
Affected
| ||||||
Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | >= 7.1.0 < 7.1.8 Search vendor "Paloaltonetworks" for product "Pan-os" and version " >= 7.1.0 < 7.1.8" | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Cloud Backup Search vendor "Netapp" for product "Cloud Backup" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Hci Storage Nodes Search vendor "Netapp" for product "Hci Storage Nodes" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Oncommand Balance Search vendor "Netapp" for product "Oncommand Balance" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Oncommand Performance Manager Search vendor "Netapp" for product "Oncommand Performance Manager" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Oncommand Unified Manager For Clustered Data Ontap Search vendor "Netapp" for product "Oncommand Unified Manager For Clustered Data Ontap" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Ontap Select Deploy Administration Utility Search vendor "Netapp" for product "Ontap Select Deploy Administration Utility" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Snapprotect Search vendor "Netapp" for product "Snapprotect" | - | - |
Affected
| ||||||
Netapp Search vendor "Netapp" | Solidfire Search vendor "Netapp" for product "Solidfire" | - | - |
Affected
|