Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since March 3, 2022.

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Fedoraproject
  • Fedora
Linux
  • Linux Kernel
Netapp
  • Cloud Backup
  • Hci Storage Nodes
  • Oncommand Balance
  • Oncommand Performance Manager
  • Oncommand Unified Manager For Clustered Data Ontap
  • Ontap Select Deploy Administration Utility
  • Snapprotect
  • Solidfire
Paloaltonetworks
  • Pan-os
Redhat
  • Enterprise Linux
  • Enterprise Linux Aus
  • Enterprise Linux Eus
  • Enterprise Linux Long Life
  • Enterprise Linux Tus
  • Enterprise Mrg
  • Rhel Aus
  • Rhel Eus
  • Rhel Extras Rt
  • Rhel Mission Critical
  • Rhel Tus

Configuration 1 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:6.5:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_unified_manager_for_clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5
kernel-0:2.6.18-416.el5 cpe:/o:redhat:enterprise_linux:5 RHSA-2016:2124 2016-10-28T00:00:00Z
Red Hat Enterprise Linux 5.6 Long Life
kernel-0:2.6.18-238.57.1.el5 cpe:/o:redhat:rhel_mission_critical:5.6 RHSA-2016:2127 2016-10-31T00:00:00Z
Red Hat Enterprise Linux 5.9 Long Life
kernel-0:2.6.18-348.32.1.el5 cpe:/o:redhat:rhel_aus:5.9 RHSA-2016:2126 2016-10-31T00:00:00Z
Red Hat Enterprise Linux 6
kernel-0:2.6.32-642.6.2.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2016:2105 2016-10-26T00:00:00Z
Red Hat Enterprise Linux 6.2 Advanced Update Support
kernel-0:2.6.32-220.68.1.el6 cpe:/o:redhat:rhel_mission_critical:6.2 RHSA-2016:2132 2016-11-01T00:00:00Z
Red Hat Enterprise Linux 6.4 Advanced Update Support
kernel-0:2.6.32-358.75.1.el6 cpe:/o:redhat:rhel_aus:6.4 RHSA-2016:2133 2016-11-01T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
kernel-0:2.6.32-431.75.1.el6 cpe:/o:redhat:rhel_aus:6.5 RHSA-2016:2120 2016-10-27T00:00:00Z
Red Hat Enterprise Linux 6.5 Telco Extended Update Support
kernel-0:2.6.32-431.75.1.el6 cpe:/o:redhat:rhel_tus:6.5 RHSA-2016:2120 2016-10-27T00:00:00Z
Red Hat Enterprise Linux 6.6 Extended Update Support
kernel-0:2.6.32-504.54.1.el6 cpe:/o:redhat:rhel_eus:6.6 RHSA-2016:2128 2016-10-31T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
kernel-0:2.6.32-573.35.2.el6 cpe:/o:redhat:rhel_eus:6.7 RHSA-2016:2106 2016-10-26T00:00:00Z
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-327.36.3.rt56.238.el7 cpe:/a:redhat:rhel_extras_rt:7 RHSA-2016:2110 2016-10-26T00:00:00Z
kernel-0:3.10.0-327.36.3.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2016:2098 2016-10-24T00:00:00Z
kernel-aarch64-0:4.5.0-15.2.1.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2017:0372 2017-03-02T00:00:00Z
Red Hat Enterprise Linux 7.1 Extended Update Support
kernel-0:3.10.0-229.42.2.el7 cpe:/o:redhat:rhel_eus:7.1 RHSA-2016:2118 2016-10-26T00:00:00Z
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-327.rt56.198.el6rt cpe:/a:redhat:enterprise_mrg:2:server:el6 RHSA-2016:2107 2016-10-26T00:00:00Z
References
Link Providers
http://fortiguard.com/advisory/FG-IR-16-063 cve-icon cve-icon
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html cve-icon cve-icon
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html cve-icon cve-icon
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html cve-icon cve-icon
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html cve-icon cve-icon
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2098.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2105.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2106.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2107.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2110.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2118.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2120.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2124.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2126.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2127.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2128.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2132.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2133.html cve-icon cve-icon
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux cve-icon cve-icon
http://www.debian.org/security/2016/dsa-3696 cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en cve-icon cve-icon
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/21/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/26/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/27/13 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/30/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/11/03/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/03/07/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/2 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/8 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/09/4 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/15/1 cve-icon cve-icon
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/539611/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540252/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540344/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540736/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/93793 cve-icon cve-icon
http://www.securitytracker.com/id/1037078 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3104-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3104-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3105-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3105-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-3 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-4 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3107-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3107-2 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:0372 cve-icon cve-icon
https://access.redhat.com/security/cve/cve-2016-5195 cve-icon cve-icon
https://access.redhat.com/security/vulnerabilities/2706661 cve-icon cve-icon
https://bto.bluecoat.com/security-advisory/sa134 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=1384344 cve-icon cve-icon
https://bugzilla.suse.com/show_bug.cgi?id=1004418 cve-icon cve-icon
https://dirtycow.ninja cve-icon cve-icon
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs cve-icon cve-icon
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails cve-icon cve-icon
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241 cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241 cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10176 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10177 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10222 cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2016-5195 cve-icon
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html cve-icon cve-icon
https://security-tracker.debian.org/tracker/CVE-2016-5195 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20161025-0001/ cve-icon cve-icon
https://security.paloaltonetworks.com/CVE-2016-5195 cve-icon cve-icon
https://source.android.com/security/bulletin/2016-11-01.html cve-icon cve-icon
https://source.android.com/security/bulletin/2016-12-01.html cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd cve-icon cve-icon
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cve.org/CVERecord?id=CVE-2016-5195 cve-icon
https://www.exploit-db.com/exploits/40611/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40616/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40839/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40847/ cve-icon cve-icon
https://www.kb.cert.org/vuls/id/243144 cve-icon cve-icon
History

Wed, 29 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-03-03'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 14 Aug 2024 00:00:00 +0000

Type Values Removed Values Added
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2016-11-10T21:00:00.000Z

Updated: 2025-01-29T17:18:43.067Z

Reserved: 2016-05-31T00:00:00.000Z

Link: CVE-2016-5195

cve-icon Vulnrichment

Updated: 2024-08-06T00:53:48.930Z

cve-icon NVD

Status : Modified

Published: 2016-11-10T21:59:00.197

Modified: 2025-01-29T18:15:28.220

Link: CVE-2016-5195

cve-icon Redhat

Severity : Important

Publid Date: 2016-10-19T00:00:00Z

Links: CVE-2016-5195 - Bugzilla