Vulnerability Note VU#243144

Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability

Original Release date: 21 Oct 2016 | Last revised: 17 Nov 2016

Overview

The Linux kernel since version 2.6.22 contains a race condition in the way the copy on write mechanism is handled by the memory subsystem, which may be leveraged locally to gain root privileges.

Description

CWE-362: Concurrent Execution using Shared Resource with Improper Synchonization ('Race Condition') - CVE-2016-5195

The Linux kernel since version 2.6.22 contains a race condition in the way the copy on write mechanism is handled by the memory subsystem. A local attacker may leverage this vulnerability in affected systems to gain root privileges. For more information, including proofs of concept, refer to the Dirty COW disclosure page.

Note that this vulnerability is reported as being actively exploited in the wild.

Impact

A local, unprivileged attacker can escalate privileges to root.

Solution

Apply an update

Linux kernel versions 4.8.3, 4.7.9, and 4.4.26 address this vulnerability. Red Hat, Debian, and Ubuntu have released patches. Users should apply patches through their Linux distributions' normal update process.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
CentOSAffected21 Oct 201627 Oct 2016
CoreOSAffected21 Oct 201624 Oct 2016
Debian GNU/LinuxAffected21 Oct 201624 Oct 2016
Red Hat, Inc.Affected21 Oct 201621 Oct 2016
SUSE LinuxAffected21 Oct 201624 Oct 2016
UbuntuAffected21 Oct 201624 Oct 2016
Arista Networks, Inc.Not Affected21 Oct 201624 Oct 2016
PeplinkNot Affected-17 Nov 2016
Arch LinuxUnknown21 Oct 201621 Oct 2016
Fedora ProjectUnknown21 Oct 201621 Oct 2016
Gentoo LinuxUnknown21 Oct 201621 Oct 2016
openSUSE projectUnknown21 Oct 201621 Oct 2016
Openwall GNU/*/LinuxUnknown21 Oct 201621 Oct 2016
Slackware Linux Inc.Unknown21 Oct 201621 Oct 2016
TizenUnknown21 Oct 201621 Oct 2016
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C
Temporal 5.6 E:F/RL:OF/RC:C
Environmental 5.6 CDP:ND/TD:H/CR:ND/IR:ND/AR:ND

References

Credit

Red Hat credits Phil Oester with reporting this vulnerability.

This document was written by Joel Land.

Other Information

  • CVE IDs: CVE-2016-5195
  • Date Public: 20 Oct 2016
  • Date First Published: 21 Oct 2016
  • Date Last Updated: 17 Nov 2016
  • Document Revision: 14

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.