{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-20T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-15T11:06:10", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "RHSA-2016:2107", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"}, {"name": "40616", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/40616/"}, {"name": "RHSA-2017:0372", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0372"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bto.bluecoat.com/security-advisory/sa134"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "40839", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/40839/"}, {"tags": ["x_refsource_MISC"], "url": "https://dirtycow.ninja"}, {"name": "40847", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/40847/"}, {"name": "RHSA-2016:2118", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"}, {"name": "RHSA-2016:2128", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/2016-12-01.html"}, {"name": "RHSA-2016:2120", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"}, {"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"}, {"name": "RHSA-2016:2133", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"}, {"name": "RHSA-2016:2098", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us"}, {"name": "VU#243144", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/243144"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"}, {"name": "1037078", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037078"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20161025-0001/"}, {"name": "93793", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93793"}, {"name": "RHSA-2016:2127", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://access.redhat.com/security/vulnerabilities/2706661"}, {"name": "RHSA-2016:2106", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"name": "40611", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/40611/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://access.redhat.com/security/cve/cve-2016-5195"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"}, {"name": "RHSA-2016:2124", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"}, {"name": "RHSA-2016:2105", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"}, {"name": "RHSA-2016:2126", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"}, {"name": "RHSA-2016:2132", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"}, {"name": "RHSA-2016:2110", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176"}, {"name": "SUSE-SU-2016:2635", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"}, {"name": "SUSE-SU-2016:2659", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"}, {"name": "[oss-security] 20161027 CVE-2016-5195 test case", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"}, {"name": "USN-3106-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3106-2"}, {"name": "openSUSE-SU-2016:2583", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"}, {"name": "SUSE-SU-2016:2633", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"}, {"name": "SUSE-SU-2016:2638", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"}, {"name": "openSUSE-SU-2016:2584", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"}, {"name": "SUSE-SU-2016:2658", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"}, {"name": "SUSE-SU-2016:2631", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"}, {"name": "USN-3106-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3106-3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241"}, {"name": "SUSE-SU-2016:2655", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"}, {"name": "FEDORA-2016-c3558808cd", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2637", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"}, {"name": "SUSE-SU-2016:2596", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"}, {"name": "SUSE-SU-2016:2634", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"}, {"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"}, {"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177"}, {"name": "SUSE-SU-2016:2657", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"}, {"name": "SUSE-SU-2016:2614", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"}, {"name": "USN-3105-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3105-2"}, {"name": "USN-3107-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3107-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774"}, {"name": "USN-3107-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3107-2"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"}, {"name": "openSUSE-SU-2016:2625", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"}, {"name": "USN-3106-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3106-1"}, {"name": "USN-3106-4", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3106-4"}, {"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2673", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"}, {"name": "USN-3104-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3104-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://fortiguard.com/advisory/FG-IR-16-063"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807"}, {"name": "SUSE-SU-2016:2629", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2632", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"}, {"name": "USN-3105-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3105-1"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"}, {"name": "SUSE-SU-2016:2630", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"}, {"name": "FEDORA-2016-db4b75b352", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"}, {"name": "FEDORA-2016-c8a0c7eece", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"}, {"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"}, {"name": "SUSE-SU-2016:2636", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"}, {"name": "SUSE-SU-2016:3069", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222"}, {"name": "DSA-3696", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3696"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"}, {"name": "SUSE-SU-2016:2592", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"}, {"name": "USN-3104-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3104-1"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2593", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"}, {"name": "SUSE-SU-2016:3304", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"}, {"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"}, {"name": "SUSE-SU-2016:2585", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"}, {"name": "openSUSE-SU-2016:2649", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.paloaltonetworks.com/CVE-2016-5195"}, {"name": "openSUSE-SU-2020:0554", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"}, {"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"}, {"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"}, {"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"}, {"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "chrome-cve-admin@google.com", "ID": "CVE-2016-5195", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2016:2107", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"}, {"name": "40616", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40616/"}, {"name": "RHSA-2017:0372", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0372"}, {"name": "https://bto.bluecoat.com/security-advisory/sa134", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa134"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "40839", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40839/"}, {"name": "https://dirtycow.ninja", "refsource": "MISC", "url": "https://dirtycow.ninja"}, {"name": "40847", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40847/"}, {"name": "RHSA-2016:2118", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"}, {"name": "RHSA-2016:2128", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"}, {"name": "https://source.android.com/security/bulletin/2016-12-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-12-01.html"}, {"name": "RHSA-2016:2120", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"}, {"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"}, {"name": "RHSA-2016:2133", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"}, {"name": "RHSA-2016:2098", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us"}, {"name": "VU#243144", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/243144"}, {"name": "https://bugzilla.suse.com/show_bug.cgi?id=1004418", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"}, {"name": "1037078", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037078"}, {"name": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html", "refsource": "CONFIRM", "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us"}, {"name": "https://security.netapp.com/advisory/ntap-20161025-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20161025-0001/"}, {"name": "93793", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93793"}, {"name": "RHSA-2016:2127", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"}, {"name": "https://security-tracker.debian.org/tracker/CVE-2016-5195", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"}, {"name": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs", "refsource": "MISC", "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us"}, {"name": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"}, {"name": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails", "refsource": "MISC", "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"}, {"name": "https://access.redhat.com/security/vulnerabilities/2706661", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/vulnerabilities/2706661"}, {"name": "RHSA-2016:2106", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"name": "40611", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40611/"}, {"name": "https://access.redhat.com/security/cve/cve-2016-5195", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/cve/cve-2016-5195"}, {"name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"}, {"name": "RHSA-2016:2124", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"}, {"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"}, {"name": "RHSA-2016:2105", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"}, {"name": "RHSA-2016:2126", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"}, {"name": "RHSA-2016:2132", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"}, {"name": "RHSA-2016:2110", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176"}, {"name": "SUSE-SU-2016:2635", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"}, {"name": "SUSE-SU-2016:2659", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"}, {"name": "[oss-security] 20161027 CVE-2016-5195 test case", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"}, {"name": "USN-3106-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3106-2"}, {"name": "openSUSE-SU-2016:2583", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"}, {"name": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"}, {"name": "SUSE-SU-2016:2633", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"}, {"name": "SUSE-SU-2016:2638", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"}, {"name": "openSUSE-SU-2016:2584", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"}, {"name": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"}, {"name": "SUSE-SU-2016:2658", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"}, {"name": "SUSE-SU-2016:2631", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"}, {"name": "USN-3106-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3106-3"}, {"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241"}, {"name": "SUSE-SU-2016:2655", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"}, {"name": "FEDORA-2016-c3558808cd", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2637", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"}, {"name": "SUSE-SU-2016:2596", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"}, {"name": "SUSE-SU-2016:2634", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"}, {"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"}, {"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"}, {"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177"}, {"name": "SUSE-SU-2016:2657", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"}, {"name": "SUSE-SU-2016:2614", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"}, {"name": "USN-3105-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3105-2"}, {"name": "USN-3107-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3107-1"}, {"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774"}, {"name": "USN-3107-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3107-2"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"}, {"name": "openSUSE-SU-2016:2625", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"}, {"name": "USN-3106-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3106-1"}, {"name": "USN-3106-4", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3106-4"}, {"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"}, {"name": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2673", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"}, {"name": "USN-3104-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3104-2"}, {"name": "http://fortiguard.com/advisory/FG-IR-16-063", "refsource": "CONFIRM", "url": "http://fortiguard.com/advisory/FG-IR-16-063"}, {"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807"}, {"name": "SUSE-SU-2016:2629", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"}, {"name": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2632", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"}, {"name": "USN-3105-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3105-1"}, {"name": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"}, {"name": "SUSE-SU-2016:2630", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"}, {"name": "FEDORA-2016-db4b75b352", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"}, {"name": "FEDORA-2016-c8a0c7eece", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"}, {"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"}, {"name": "SUSE-SU-2016:2636", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"}, {"name": "SUSE-SU-2016:3069", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222"}, {"name": "DSA-3696", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3696"}, {"name": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"}, {"name": "SUSE-SU-2016:2592", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"}, {"name": "USN-3104-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3104-1"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2593", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"}, {"name": "SUSE-SU-2016:3304", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"}, {"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"}, {"name": "SUSE-SU-2016:2585", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"}, {"name": "openSUSE-SU-2016:2649", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"}, {"name": "https://security.paloaltonetworks.com/CVE-2016-5195", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2016-5195"}, {"name": "openSUSE-SU-2020:0554", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"}, {"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"}, {"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"}, {"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"}, {"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"}, {"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:53:48.930Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2016:2107", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"}, {"name": "40616", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/40616/"}, {"name": "RHSA-2017:0372", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0372"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bto.bluecoat.com/security-advisory/sa134"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "40839", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/40839/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://dirtycow.ninja"}, {"name": "40847", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/40847/"}, {"name": "RHSA-2016:2118", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"}, {"name": "RHSA-2016:2128", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/2016-12-01.html"}, {"name": "RHSA-2016:2120", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"}, {"name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"}, {"name": "RHSA-2016:2133", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"}, {"name": "RHSA-2016:2098", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us"}, {"name": "VU#243144", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/243144"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"}, {"name": "1037078", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037078"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20161025-0001/"}, {"name": "93793", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93793"}, {"name": "RHSA-2016:2127", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://access.redhat.com/security/vulnerabilities/2706661"}, {"name": "RHSA-2016:2106", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"name": "40611", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/40611/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://access.redhat.com/security/cve/cve-2016-5195"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"}, {"name": "RHSA-2016:2124", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"}, {"name": "RHSA-2016:2105", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"}, {"name": "RHSA-2016:2126", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"}, {"name": "RHSA-2016:2132", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"}, {"name": "RHSA-2016:2110", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176"}, {"name": "SUSE-SU-2016:2635", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"}, {"name": "SUSE-SU-2016:2659", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"}, {"name": "[oss-security] 20161027 CVE-2016-5195 test case", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"}, {"name": "USN-3106-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3106-2"}, {"name": "openSUSE-SU-2016:2583", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"}, {"name": "SUSE-SU-2016:2633", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"}, {"name": "SUSE-SU-2016:2638", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"}, {"name": "openSUSE-SU-2016:2584", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"}, {"name": "SUSE-SU-2016:2658", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"}, {"name": "SUSE-SU-2016:2631", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"}, {"name": "USN-3106-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3106-3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241"}, {"name": "SUSE-SU-2016:2655", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"}, {"name": "FEDORA-2016-c3558808cd", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2637", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"}, {"name": "SUSE-SU-2016:2596", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"}, {"name": "SUSE-SU-2016:2634", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"}, {"name": "20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"}, {"name": "20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177"}, {"name": "SUSE-SU-2016:2657", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"}, {"name": "SUSE-SU-2016:2614", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"}, {"name": "USN-3105-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3105-2"}, {"name": "USN-3107-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3107-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774"}, {"name": "USN-3107-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3107-2"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"}, {"name": "openSUSE-SU-2016:2625", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"}, {"name": "USN-3106-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3106-1"}, {"name": "USN-3106-4", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3106-4"}, {"name": "[oss-security] 20161030 Re: CVE-2016-5195 test case", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2673", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"}, {"name": "USN-3104-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3104-2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://fortiguard.com/advisory/FG-IR-16-063"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807"}, {"name": "SUSE-SU-2016:2629", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"name": "SUSE-SU-2016:2632", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"}, {"name": "USN-3105-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3105-1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"}, {"name": "SUSE-SU-2016:2630", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"}, {"name": "FEDORA-2016-db4b75b352", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"}, {"name": "FEDORA-2016-c8a0c7eece", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"}, {"name": "[oss-security] 20161103 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"}, {"name": "SUSE-SU-2016:2636", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"}, {"name": "SUSE-SU-2016:3069", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222"}, {"name": "DSA-3696", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3696"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"}, {"name": "SUSE-SU-2016:2592", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"}, {"name": "20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"}, {"name": "20161020 [CVE-2016-5195] \"Dirty COW\" Linux privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"}, {"name": "USN-3104-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3104-1"}, {"name": "20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"}, {"name": "SUSE-SU-2016:2593", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"}, {"name": "SUSE-SU-2016:3304", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"}, {"name": "[oss-security] 20161021 CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"}, {"name": "20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"}, {"name": "SUSE-SU-2016:2585", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"}, {"name": "openSUSE-SU-2016:2649", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2016-5195"}, {"name": "openSUSE-SU-2020:0554", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"}, {"name": "[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"}, {"name": "[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"}, {"name": "[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"}, {"name": "[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"}, {"name": "[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2016-5195", "datePublished": "2016-11-10T21:00:00", "dateReserved": "2016-05-31T00:00:00", "dateUpdated": "2024-08-06T00:53:48.930Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Linux Kernel Race Condition Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*", "matchCriteriaId": "1AFB20FA-CB00-4729-AB3A-816454C6D096", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C039170-F1A6-48B9-8A16-AEBFD9924804", "versionEndExcluding": "3.2.83", "versionStartIncluding": "2.6.22", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A93F019-B0C0-4723-869E-C715F15E11C9", "versionEndExcluding": "3.4.113", "versionStartIncluding": "3.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3B44636-A1EC-47C9-BE92-BC761CBB1B7B", "versionEndExcluding": "3.10.104", "versionStartIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E7C6515-C636-45C4-9766-BA26B89F1424", "versionEndExcluding": "3.12.66", "versionStartIncluding": "3.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B1131A4-6EEF-4A1F-B706-1A61A471D632", "versionEndExcluding": "3.16.38", "versionStartIncluding": "3.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBC11DAF-1AA0-4B60-A20C-6276BDBF3BC4", "versionEndExcluding": "3.18.44", "versionStartIncluding": "3.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "98821D4F-193B-44AB-8AA9-6F767F25F5E8", "versionEndExcluding": "4.1.35", "versionStartIncluding": "3.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "905253FB-85D4-4961-8C57-5A1B36741C18", "versionEndExcluding": "4.4.26", "versionStartIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "72401FBF-CEB9-47FD-BAC0-EFC49B634BAA", "versionEndExcluding": "4.7.9", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F5B9915-B0CF-4BDA-A889-14834175FDE0", "versionEndExcluding": "4.8.3", "versionStartIncluding": "4.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D68FB2BB-D103-4CA6-A51E-83DB349DDDE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "512237D6-2B4B-4057-8F7C-F11639304028", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "79191794-6151-46E9-AAFD-3EC0C05B03B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "319EC0C6-94C5-494A-9C5D-DC5124DFC8E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A67A7B7A-998D-4B8C-8831-6E58406565FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "84A82ED6-976A-43F1-8820-F5DCB9DDABD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:*:*:*:*:*:*", "matchCriteriaId": "5DBE05B8-17F9-4CC7-9579-1C1D57FEFD9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_tus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "7F4DE47C-0A23-4BCE-BCA1-425F7C1450E5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "matchCriteriaId": "772E9557-A371-4664-AE2D-4135AAEB89AA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA10748B-5F96-4A9B-B673-8E7C87F852D4", "versionEndExcluding": "7.0.14", "versionStartIncluding": "5.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "214A410F-7160-4E3A-BCCE-378FF0D962EA", "versionEndExcluding": "7.1.8", "versionStartIncluding": "7.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*", "matchCriteriaId": "855D6A52-F96F-4CA0-A59C-4D42173F22E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager_for_clustered_data_ontap:-:*:*:*:*:*:*:*", "matchCriteriaId": "392D82A3-21BC-4CE1-A0AC-62A90468F0A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*", "matchCriteriaId": "F74F467A-0C81-40D9-BA06-40FB8EF02C04", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""}, {"lang": "es", "value": "La condici\u00f3n de carrera en mm / gup.c en el kernel de Linux 2.x a 4.x antes de 4.8.3 permite a los usuarios locales obtener privilegios aprovechando el manejo incorrecto de una funci\u00f3n copy-on-write (COW) para escribir en un read- only la cartograf\u00eda de la memoria, como explotados en la naturaleza en octubre de 2016, vulnerabilidad tambi\u00e9n conocida como \"Dirty COW\"."}], "id": "CVE-2016-5195", "lastModified": "2024-07-24T14:27:14.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-11-10T21:59:00.197", "references": [{"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://fortiguard.com/advisory/FG-IR-16-063"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3696"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/10/21/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/10/27/13"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/10/30/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/03/7"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/03/07/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/7"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/08/8"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/09/4"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/08/15/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/539611/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540252/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540344/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/540736/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93793"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1037078"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3104-1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3104-2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3105-1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3105-2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3106-1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3106-2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3106-3"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3106-4"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3107-1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3107-2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:0372"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2016-5195"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/vulnerabilities/2706661"}, {"source": "chrome-cve-admin@google.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://bto.bluecoat.com/security-advisory/sa134"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://dirtycow.ninja"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10177"}, {"source": "chrome-cve-admin@google.com", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10222"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20161025-0001/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2016-5195"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://source.android.com/security/bulletin/2016-12-01.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40611/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40616/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40839/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40847/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/243144"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Phil Oester for reporting this issue.", "affected_release": [{"advisory": "RHSA-2016:2124", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-416.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-10-28T00:00:00Z"}, {"advisory": "RHSA-2016:2127", "cpe": "cpe:/o:redhat:rhel_mission_critical:5.6", "package": "kernel-0:2.6.18-238.57.1.el5", "product_name": "Red Hat Enterprise Linux 5.6 Long Life", "release_date": "2016-10-31T00:00:00Z"}, {"advisory": "RHSA-2016:2126", "cpe": "cpe:/o:redhat:rhel_aus:5.9", "package": "kernel-0:2.6.18-348.32.1.el5", "product_name": "Red Hat Enterprise Linux 5.9 Long Life", "release_date": "2016-10-31T00:00:00Z"}, {"advisory": "RHSA-2016:2105", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-642.6.2.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-10-26T00:00:00Z"}, {"advisory": "RHSA-2016:2132", "cpe": "cpe:/o:redhat:rhel_mission_critical:6.2", "package": "kernel-0:2.6.32-220.68.1.el6", "product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support", "release_date": "2016-11-01T00:00:00Z"}, {"advisory": "RHSA-2016:2133", "cpe": "cpe:/o:redhat:rhel_aus:6.4", "package": "kernel-0:2.6.32-358.75.1.el6", "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", "release_date": "2016-11-01T00:00:00Z"}, {"advisory": "RHSA-2016:2120", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "kernel-0:2.6.32-431.75.1.el6", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2016-10-27T00:00:00Z"}, {"advisory": "RHSA-2016:2120", "cpe": "cpe:/o:redhat:rhel_tus:6.5", "package": "kernel-0:2.6.32-431.75.1.el6", "product_name": "Red Hat Enterprise Linux 6.5 Telco Extended Update Support", "release_date": "2016-10-27T00:00:00Z"}, {"advisory": "RHSA-2016:2128", "cpe": "cpe:/o:redhat:rhel_eus:6.6", "package": "kernel-0:2.6.32-504.54.1.el6", "product_name": "Red Hat Enterprise Linux 6.6 Extended Update Support", "release_date": "2016-10-31T00:00:00Z"}, {"advisory": "RHSA-2016:2106", "cpe": "cpe:/o:redhat:rhel_eus:6.7", "package": "kernel-0:2.6.32-573.35.2.el6", "product_name": "Red Hat Enterprise Linux 6.7 Extended Update Support", "release_date": "2016-10-26T00:00:00Z"}, {"advisory": "RHSA-2016:2110", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-327.36.3.rt56.238.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-10-26T00:00:00Z"}, {"advisory": "RHSA-2016:2098", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-327.36.3.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-10-24T00:00:00Z"}, {"advisory": "RHSA-2017:0372", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-aarch64-0:4.5.0-15.2.1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-03-02T00:00:00Z"}, {"advisory": "RHSA-2016:2118", "cpe": "cpe:/o:redhat:rhel_eus:7.1", "package": "kernel-0:3.10.0-229.42.2.ael7b", "product_name": "Red Hat Enterprise Linux 7.1 Extended Update Support", "release_date": "2016-10-26T00:00:00Z"}, {"advisory": "RHSA-2016:2107", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-327.rt56.198.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2016-10-26T00:00:00Z"}], "bugzilla": {"description": "kernel: mm: privilege escalation via MAP_PRIVATE COW breakage", "id": "1384344", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"}, "csaw": true, "cvss": {"cvss_base_score": "6.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "status": "verified"}, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "details": ["Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"", "A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."], "mitigation": {"lang": "en:us", "value": "Please see bug 1384344 comment #13 (https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13) for details on how to mitigate this issue."}, "name": "CVE-2016-5195", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:rhel_eus:5.6", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux Extended Update Support 5.6"}], "public_date": "2016-10-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-5195\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-5195\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG 2.x. This issue has been rated as having Important security impact. Updates for each affected version are in progress and will be released as soon as possible.\nShipping versions of Fedora are affected and Fedora is aware of this flaw.\nFor additional information about this flaw, please see https://access.redhat.com/security/vulnerabilities/2706661", "threat_severity": "Important"}