CVE-2016-5195 : Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Published 2016-11-10 21:59:00

Updated 2025-04-12 10:46:41

Source Chrome

View at NVD, CVE.org

Products affected by CVE-2016-5195

Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 5
cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 6.6
cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 7.1
cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 6.7
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Long Life » Version: 5.6
cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Long Life » Version: 5.9
cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Aus » Version: 6.2
cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Aus » Version: 6.4
cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Aus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Tus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_tus:6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.17 and before (<) 3.18.44
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.2 and before (<) 4.4.26
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.13 and before (<) 3.16.38
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.19 and before (<) 4.1.35
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.8 and before (<) 4.8.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.3 and before (<) 3.4.113
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.11 and before (<) 3.12.66
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.7.9
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 2.6.22 and before (<) 3.2.83
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.5 and before (<) 3.10.104
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.10
cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 24
cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 25
cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 23
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
Matching versions
Netapp » Oncommand Balance » Version: N/A
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
Matching versions
Netapp » Oncommand Unified Manager For Clustered Data Ontap » Version: N/A
cpe:2.3:a:netapp:oncommand_unified_manager_for_clustered_data_ontap:-:*:*:*:*:*:*:*
Matching versions
Netapp » Cloud Backup » Version: N/A
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
Matching versions
Netapp » Ontap Select Deploy Administration Utility » Version: N/A
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Matching versions
Netapp » Hci Storage Nodes » Version: N/A
cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*
Matching versions
Netapp » Solidfire » Version: N/A
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Matching versions
Netapp » Oncommand Performance Manager » Version: N/A
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*
Matching versions
Netapp » Snapprotect » Version: N/A
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
Matching versions
Paloaltonetworks » Pan-os
Versions from including (>=) 7.1.0 and before (<) 7.1.8
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Matching versions
Paloaltonetworks » Pan-os
Versions from including (>=) 5.1 and before (<) 7.0.14
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2016-5195

Top countries where our scanners detected CVE-2016-5195

Top open port discovered on systems with this issue 80

IPs affected by CVE-2016-5195 97,930

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2016-5195!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

CVE-2016-5195 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:

Linux Kernel Race Condition Vulnerability

CISA required action:

Apply updates per vendor instructions.

CISA description:

Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.

Notes:

https://nvd.nist.gov/vuln/detail/CVE-2016-5195

Added on 2022-03-03 Action due date 2022-03-24

Exploit prediction scoring system (EPSS) score for CVE-2016-5195

EPSS FAQ

94.18%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 100 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-5195

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.0	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.0	5.9	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-01-29
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.0	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.0	5.9	NIST	2024-07-24
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-5195

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)

References for CVE-2016-5195

http://www.ubuntu.com/usn/USN-3106-4

USN-3106-4: Linux kernel (Qualcomm Snapdragon) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://www.debian.org/security/2016/dsa-3696

Debian -- Security Information -- DSA-3696-1 linux
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/

[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24 - package-announce - Fedora mailing-lists
Release Notes
http://www.securityfocus.com/bid/93793

Linux Kernel CVE-2016-5195 Local Privilege Escalation Vulnerability
Broken Link;Third Party Advisory;VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/

[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25 - package-announce - Fedora mailing-lists
Release Notes
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

StruxureWare Data Center Operation Software Vulnerability Fixes - User Assistance for StruxureWare Data Center Operation 8 - Help Center: Support for EcoStruxure IT, StruxureWare for Data Centers, and
Broken Link;Third Party Advisory

CVEs referencing this url
https://www.exploit-db.com/exploits/40847/

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (/etc/passwd Method)
Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
https://source.android.com/security/bulletin/2016-12-01.html

Android Security Bulletin—December 2016 | Android Open Source Project
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026

Security Advisory 0026 - Arista
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/08/08/7

oss-security - Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa134

SA134 : Linux Kernel Vulnerabilities Oct/Nov 2016
Permissions Required;Third Party Advisory

CVEs referencing this url
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463

HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/10/21/1

oss-security - CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability
Mailing List;Third Party Advisory
http://www.ubuntu.com/usn/USN-3105-1

USN-3105-1: Linux kernel vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
https://security.paloaltonetworks.com/CVE-2016-5195

CVE-2016-5195 Kernel Vulnerability
Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

Sorry
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/security/cve/cve-2016-5195

CVE-2016-5195 - Red Hat Customer Portal
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2126.html

RHSA-2016:2126 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/03/07/1

oss-security - CVE-2022-0847: Linux kernel: overwriting read-only files
Mailing List;Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0372

Red Hat Customer Portal
Broken Link;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3104-2

USN-3104-2: Linux kernel (OMAP4) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://www.ubuntu.com/usn/USN-3106-1

USN-3106-1: Linux kernel vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html

DirtyCow Linux Kernel Race Condition ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/540736/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html

[security-announce] openSUSE-SU-2020:0554-1: important: Security update
Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/

[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html

[security-announce] openSUSE-SU-2016:2625-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241

HPSBGN03681 rev.1 - HPE Helion OpenStack (HOS) and HPE Helion CloudSystem using Linux kernel, Local Elevation of Privilege
Third Party Advisory
https://access.redhat.com/security/vulnerabilities/2706661

Kernel Local Privilege Escalation "Dirty COW" - CVE-2016-5195 - Red Hat Customer Portal
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/08/09/4

oss-security - Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html

[security-announce] SUSE-SU-2016:2636-1: important: Security update for Linux Kernel Live Patch 9 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://www.openwall.com/lists/oss-security/2022/08/15/1

oss-security - Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html

[security-announce] SUSE-SU-2016:2659-1: important: Security update for Linux Kernel Live Patch 13 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://www.ubuntu.com/usn/USN-3104-1

USN-3104-1: Linux kernel vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2110.html

RHSA-2016:2110 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2118.html

RHSA-2016:2118 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.securitytracker.com/id/1037078

Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges - SecurityTracker
Broken Link;Third Party Advisory;VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2105.html

RHSA-2016:2105 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.securityfocus.com/archive/1/540252/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
https://security-tracker.debian.org/tracker/CVE-2016-5195

CVE-2016-5195
Issue Tracking;Third Party Advisory
https://dirtycow.ninja

Dirty COW (CVE-2016-5195)
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/11/03/7

oss-security - Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability
Mailing List;Third Party Advisory
http://www.ubuntu.com/usn/USN-3107-1

USN-3107-1: Linux kernel vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1004418

Access Gateway
Issue Tracking
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3

Release Notes
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html

[security-announce] openSUSE-SU-2016:2649-1: important: kernel update for Evergreen 11.4 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html

[security-announce] SUSE-SU-2016:2596-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

PoCs · dirtycow/dirtycow.github.io Wiki · GitHub
Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770

2017-01 Security Bulletin: Junos Space: Multiple vulnerabilities resolved in 16.1R1 release. - Juniper Networks
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2128.html

RHSA-2016:2128 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html

Mailing List
http://www.openwall.com/lists/oss-security/2016/10/27/13

oss-security - CVE-2016-5195 test case
Mailing List;Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10176

McAfee Security Bulletin: Fixes for privilege escalation via MAP_PRIVATE COW breakage (CVE-2016-5195)
Broken Link;Third Party Advisory
https://www.exploit-db.com/exploits/40611/

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (Write Access Method)
Exploit;Third Party Advisory;VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2107.html

RHSA-2016:2107 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux

Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
Third Party Advisory
http://www.ubuntu.com/usn/USN-3106-3

USN-3106-3: Linux kernel (Raspberry Pi 2) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1384344

1384344 – (CVE-2016-5195, DirtyCow) CVE-2016-5195 kernel: mm: privilege escalation via MAP_PRIVATE COW breakage
Exploit;Issue Tracking
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html

DirtyCow Local Root Proof Of Concept ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html

[security-announce] SUSE-SU-2016:2630-1: important: Security update for Linux Kernel Live Patch 1 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html

[security-announce] SUSE-SU-2016:2635-1: important: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html

[security-announce] SUSE-SU-2016:2657-1: important: Security update for Linux Kernel Live Patch 15 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html

[security-announce] openSUSE-SU-2016:2583-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html

[security-announce] SUSE-SU-2016:2632-1: important: Security update for Linux Kernel Live Patch 10 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-2127.html

RHSA-2016:2127 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html

[security-announce] SUSE-SU-2016:2633-1: important: Security update for Linux Kernel Live Patch 11 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://www.openwall.com/lists/oss-security/2016/10/30/1

oss-security - Re: CVE-2016-5195 test case
Mailing List;Third Party Advisory
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2124.html

RHSA-2016:2124 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2022/08/08/1

oss-security - CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html

[security-announce] SUSE-SU-2016:2634-1: important: Security update for Linux Kernel Live Patch 3 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-2120.html

RHSA-2016:2120 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en

Security Advisory - Dirty COW Vulnerability in Huawei Products
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html

[security-announce] SUSE-SU-2016:3304-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

VulnerabilityDetails · dirtycow/dirtycow.github.io Wiki · GitHub
Exploit;Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774

2017-01 Security Bulletin: Network and Security Manager (NSM): Multiple OpenSSH and other third party software vulnerabilities affect NSM Appliance OS. - Juniper Networks
Third Party Advisory
http://www.ubuntu.com/usn/USN-3107-2

USN-3107-2: Linux kernel (Raspberry Pi 2) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html

Mailing List
http://www.openwall.com/lists/oss-security/2022/08/08/8

oss-security - Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html

[security-announce] SUSE-SU-2016:2592-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241

Document - HPSBGN03681 rev.1 - HPE Helion OpenStack (HOS) and HPE Helion CloudSystem using Linux kernel, Local Elevation of Privilege | HPE Support
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html

[security-announce] SUSE-SU-2016:2637-1: important: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://www.ubuntu.com/usn/USN-3105-2

USN-3105-2: Linux kernel (Trusty HWE) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html

Kernel Live Patch Security Notice LSN-0012-1 ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us

HPESBGN03722 rev.2 - HPE Operations Agent Virtual Appliance, Local Escalation of Privilege
Third Party Advisory
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

CVE-2016-5195 in Ubuntu
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/

[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/

[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23 - package-announce - Fedora mailing-lists
Release Notes
http://rhn.redhat.com/errata/RHSA-2016-2133.html

RHSA-2016:2133 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html

Kernel Live Patch Security Notice LSN-0021-1 ≈ Packet Storm
Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html

[security-announce] SUSE-SU-2016:3069-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd

Cisco TelePresence Video Communication Server Test Validation Script Issue
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2132.html

RHSA-2016:2132 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://www.exploit-db.com/exploits/40616/

Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method)
Exploit;Third Party Advisory;VDB Entry
https://kc.mcafee.com/corporate/index?page=content&id=SB10177

Broken Link;Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us

HPESBGN03742 rev.1 - HP Operations Analytics using Linux, Local Escalation of Privilege
Third Party Advisory
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

mm: remove gup_flags FOLL_WRITE games from __get_user_pages() · torvalds/linux@19be0ea · GitHub
Issue Tracking;Patch
http://www.openwall.com/lists/oss-security/2016/10/26/7

oss-security - Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability
Mailing List;Third Party Advisory
http://www.ubuntu.com/usn/USN-3106-2

USN-3106-2: Linux kernel (Xenial HWE) vulnerability | Ubuntu security notices | Ubuntu
Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807

2017-10 Security Bulletin: Multiple Products: "Dirty COW" Linux Kernel Local Privilege Escalation (CVE-2016-5195) - Juniper Networks
Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/08/08/2

oss-security - Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions
Mailing List;Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

CPU July 2018
Patch;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2098.html

RHSA-2016:2098 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://security.netapp.com/advisory/ntap-20161025-0001/

CVE-2016-5195 Kernel Local Privilege Escalation Vulnerability in Multiple NetApp Products | NetApp Product Security
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html

[security-announce] SUSE-SU-2016:2629-1: important: Security update for Linux Kernel Live Patch 2 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html

[security-announce] SUSE-SU-2016:2658-1: important: Security update for Linux Kernel Live Patch 14 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://kc.mcafee.com/corporate/index?page=content&id=SB10222

McAfee Security Bulletin - Web Gateway update fixes the Huge Dirty Cow vulnerability (CVE-2017-1000405)
Broken Link;Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us

HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

kernel/git/torvalds/linux.git - Linux kernel source tree
Issue Tracking;Patch;Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html

[security-announce] SUSE-SU-2016:2593-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://source.android.com/security/bulletin/2016-11-01.html

Android Security Bulletin—November 2016 | Android Open Source Project
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html

[security-announce] SUSE-SU-2016:2585-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://www.exploit-db.com/exploits/40839/

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)
Exploit;Third Party Advisory;VDB Entry
http://fortiguard.com/advisory/FG-IR-16-063

PSIRT Advisories | FortiGuard
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html

[security-announce] SUSE-SU-2016:2631-1: important: Security update for Linux Kernel Live Patch 0 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://www.securityfocus.com/archive/1/539611/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2106.html

RHSA-2016:2106 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html

[security-announce] SUSE-SU-2016:2673-1: important: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html

[security-announce] SUSE-SU-2016:2655-1: important: Security update for Linux Kernel Live Patch 12 for SLE 12 - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us

HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege
Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/

[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
http://www.securityfocus.com/archive/1/540344/100/0/threaded

Bugtraq
Broken Link;Third Party Advisory;VDB Entry
https://www.kb.cert.org/vuls/id/243144

VU#243144 - Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability
Third Party Advisory;US Government Resource
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html

[security-announce] SUSE-SU-2016:2614-1: important: Security update for the Linux Kernel - openSUSE Security Announce - openSUSE Mailing Lists
Mailing List

Jump to