CVE-2016-5195

Published: Nov 10, 2016

Modified: Nov 4, 2025

PUBLISHED

Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2016:2107

vendor-advisory

x_refsource_REDHAT

40616

exploit

x_refsource_EXPLOIT-DB

RHSA-2017:0372

vendor-advisory

x_refsource_REDHAT

https://bto.bluecoat.com/security-advisory/sa134

x_refsource_CONFIRM

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

x_refsource_CONFIRM

40839

exploit

x_refsource_EXPLOIT-DB

https://dirtycow.ninja

x_refsource_MISC

40847

exploit

x_refsource_EXPLOIT-DB

RHSA-2016:2118

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2128

vendor-advisory

x_refsource_REDHAT

https://source.android.com/security/bulletin/2016-12-01.html

x_refsource_CONFIRM

RHSA-2016:2120

vendor-advisory

x_refsource_REDHAT

[oss-security] 20161026 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability

mailing-list

x_refsource_MLIST

RHSA-2016:2133

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2098

vendor-advisory

x_refsource_REDHAT

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us

x_refsource_CONFIRM

VU#243144

third-party-advisory

x_refsource_CERT-VN

https://bugzilla.suse.com/show_bug.cgi?id=1004418

x_refsource_CONFIRM

1037078

vdb-entry

x_refsource_SECTRACK

https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

x_refsource_CONFIRM

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20161025-0001/

x_refsource_CONFIRM

93793

vdb-entry

x_refsource_BID

RHSA-2016:2127

vendor-advisory

x_refsource_REDHAT

https://security-tracker.debian.org/tracker/CVE-2016-5195

x_refsource_CONFIRM

https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

x_refsource_MISC

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us

x_refsource_CONFIRM

https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

x_refsource_CONFIRM

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

x_refsource_CONFIRM

https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1384344

x_refsource_CONFIRM

https://access.redhat.com/security/vulnerabilities/2706661

x_refsource_CONFIRM

RHSA-2016:2106

vendor-advisory

x_refsource_REDHAT

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

x_refsource_CONFIRM

40611

exploit

x_refsource_EXPLOIT-DB

https://access.redhat.com/security/cve/cve-2016-5195

x_refsource_CONFIRM

https://source.android.com/security/bulletin/2016-11-01.html

x_refsource_CONFIRM

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

x_refsource_CONFIRM

RHSA-2016:2124

vendor-advisory

x_refsource_REDHAT

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3

x_refsource_CONFIRM

RHSA-2016:2105

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2126

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2132

vendor-advisory

x_refsource_REDHAT

RHSA-2016:2110

vendor-advisory

x_refsource_REDHAT

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us

x_refsource_CONFIRM

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463

x_refsource_CONFIRM

https://kc.mcafee.com/corporate/index?page=content&id=SB10176

x_refsource_CONFIRM

SUSE-SU-2016:2635

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2659

vendor-advisory

x_refsource_SUSE

[oss-security] 20161027 CVE-2016-5195 test case

mailing-list

x_refsource_MLIST

USN-3106-2

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2016:2583

vendor-advisory

x_refsource_SUSE

http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html

x_refsource_MISC

SUSE-SU-2016:2633

vendor-advisory

x_refsource_SUSE

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en

x_refsource_CONFIRM

SUSE-SU-2016:2638

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:2584

vendor-advisory

x_refsource_SUSE

http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html

x_refsource_MISC

SUSE-SU-2016:2658

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2631

vendor-advisory

x_refsource_SUSE

USN-3106-3

vendor-advisory

x_refsource_UBUNTU

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241

x_refsource_CONFIRM

SUSE-SU-2016:2655

vendor-advisory

x_refsource_SUSE

FEDORA-2016-c3558808cd

vendor-advisory

x_refsource_FEDORA

20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege

mailing-list

x_refsource_BUGTRAQ

SUSE-SU-2016:2637

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2596

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2634

vendor-advisory

x_refsource_SUSE

20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue

vendor-advisory

x_refsource_CISCO

20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016

vendor-advisory

x_refsource_CISCO

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770

x_refsource_CONFIRM

https://kc.mcafee.com/corporate/index?page=content&id=SB10177

x_refsource_CONFIRM

SUSE-SU-2016:2657

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2614

vendor-advisory

x_refsource_SUSE

USN-3105-2

vendor-advisory

x_refsource_UBUNTU

USN-3107-1

vendor-advisory

x_refsource_UBUNTU

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774

x_refsource_CONFIRM

USN-3107-2

vendor-advisory

x_refsource_UBUNTU

20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege

mailing-list

x_refsource_BUGTRAQ

openSUSE-SU-2016:2625

vendor-advisory

x_refsource_SUSE

USN-3106-1

vendor-advisory

x_refsource_UBUNTU

USN-3106-4

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20161030 Re: CVE-2016-5195 test case

mailing-list

x_refsource_MLIST

http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

x_refsource_MISC

SUSE-SU-2016:2673

vendor-advisory

x_refsource_SUSE

USN-3104-2

vendor-advisory

x_refsource_UBUNTU

http://fortiguard.com/advisory/FG-IR-16-063

x_refsource_CONFIRM

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807

x_refsource_CONFIRM

SUSE-SU-2016:2629

vendor-advisory

x_refsource_SUSE

20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

x_refsource_MISC

SUSE-SU-2016:2632

vendor-advisory

x_refsource_SUSE

20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege

mailing-list

x_refsource_BUGTRAQ

USN-3105-1

vendor-advisory

x_refsource_UBUNTU

http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html

x_refsource_MISC

SUSE-SU-2016:2630

vendor-advisory

x_refsource_SUSE

FEDORA-2016-db4b75b352

vendor-advisory

x_refsource_FEDORA

FEDORA-2016-c8a0c7eece

vendor-advisory

x_refsource_FEDORA

[oss-security] 20161103 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability

mailing-list

x_refsource_MLIST

SUSE-SU-2016:2636

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:3069

vendor-advisory

x_refsource_SUSE

https://kc.mcafee.com/corporate/index?page=content&id=SB10222

x_refsource_CONFIRM

DSA-3696

vendor-advisory

x_refsource_DEBIAN

http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html

x_refsource_MISC

SUSE-SU-2016:2592

vendor-advisory

x_refsource_SUSE

20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege

mailing-list

x_refsource_BUGTRAQ

20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability

mailing-list

x_refsource_BUGTRAQ

USN-3104-1

vendor-advisory

x_refsource_UBUNTU

20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege

mailing-list

x_refsource_BUGTRAQ

SUSE-SU-2016:2593

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:3304

vendor-advisory

x_refsource_SUSE

[oss-security] 20161021 CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability

mailing-list

x_refsource_MLIST

20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege

mailing-list

x_refsource_BUGTRAQ

SUSE-SU-2016:2585

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:2649

vendor-advisory

x_refsource_SUSE

https://security.paloaltonetworks.com/CVE-2016-5195

x_refsource_CONFIRM

openSUSE-SU-2020:0554

vendor-advisory

x_refsource_SUSE

https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026

x_refsource_MISC

[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files

mailing-list

x_refsource_MLIST

[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-5195

Description

Affected Products

References