Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
Link Providers
http://fortiguard.com/advisory/FG-IR-16-063 cve-icon cve-icon
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html cve-icon cve-icon
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html cve-icon cve-icon
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html cve-icon cve-icon
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html cve-icon cve-icon
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html cve-icon cve-icon
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2098.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2105.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2106.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2107.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2110.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2118.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2120.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2124.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2126.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2127.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2128.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2132.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2016-2133.html cve-icon cve-icon
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux cve-icon cve-icon
http://www.debian.org/security/2016/dsa-3696 cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en cve-icon cve-icon
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/21/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/26/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/27/13 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/10/30/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2016/11/03/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/03/07/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/1 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/2 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/7 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/08/8 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/09/4 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2022/08/15/1 cve-icon cve-icon
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/539611/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540252/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540344/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/540736/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/93793 cve-icon cve-icon
http://www.securitytracker.com/id/1037078 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3104-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3104-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3105-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3105-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-2 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-3 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3106-4 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3107-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-3107-2 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:0372 cve-icon cve-icon
https://access.redhat.com/security/cve/cve-2016-5195 cve-icon cve-icon
https://access.redhat.com/security/vulnerabilities/2706661 cve-icon cve-icon
https://bto.bluecoat.com/security-advisory/sa134 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=1384344 cve-icon cve-icon
https://bugzilla.suse.com/show_bug.cgi?id=1004418 cve-icon cve-icon
https://dirtycow.ninja cve-icon cve-icon
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs cve-icon cve-icon
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails cve-icon cve-icon
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241 cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us cve-icon cve-icon
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241 cve-icon cve-icon
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10176 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10177 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10222 cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ cve-icon cve-icon
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2016-5195 cve-icon
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html cve-icon cve-icon
https://security-tracker.debian.org/tracker/CVE-2016-5195 cve-icon cve-icon
https://security.netapp.com/advisory/ntap-20161025-0001/ cve-icon cve-icon
https://security.paloaltonetworks.com/CVE-2016-5195 cve-icon cve-icon
https://source.android.com/security/bulletin/2016-11-01.html cve-icon cve-icon
https://source.android.com/security/bulletin/2016-12-01.html cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd cve-icon cve-icon
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cve.org/CVERecord?id=CVE-2016-5195 cve-icon
https://www.exploit-db.com/exploits/40611/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40616/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40839/ cve-icon cve-icon
https://www.exploit-db.com/exploits/40847/ cve-icon cve-icon
https://www.kb.cert.org/vuls/id/243144 cve-icon cve-icon
History

Wed, 29 Jan 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2022-03-03'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 14 Aug 2024 00:00:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published:

Updated: 2025-07-30T01:46:34.193Z

Reserved: 2016-05-31T00:00:00.000Z

Link: CVE-2016-5195

cve-icon Vulnrichment

Updated: 2024-08-06T00:53:48.930Z

cve-icon NVD

Status : Deferred

Published: 2016-11-10T21:59:00.197

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-5195

cve-icon Redhat

Severity : Important

Publid Date: 2016-10-19T00:00:00Z

Links: CVE-2016-5195 - Bugzilla

cve-icon OpenCVE Enrichment

No data.