7.2
CVE-2016-5195
- EPSS 94.18%
- Veröffentlicht 10.11.2016 21:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle chrome-cve-admin@google.com
- Teams Watchlist Login
- Unerledigt Login
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version12.04 SwEdition-
Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version16.10
Linux ≫ Linux Kernel Version >= 2.6.22 < 3.2.83
Linux ≫ Linux Kernel Version >= 3.3 < 3.4.113
Linux ≫ Linux Kernel Version >= 3.5 < 3.10.104
Linux ≫ Linux Kernel Version >= 3.11 < 3.12.66
Linux ≫ Linux Kernel Version >= 3.13 < 3.16.38
Linux ≫ Linux Kernel Version >= 3.17 < 3.18.44
Linux ≫ Linux Kernel Version >= 3.19 < 4.1.35
Linux ≫ Linux Kernel Version >= 4.2 < 4.4.26
Linux ≫ Linux Kernel Version >= 4.5 < 4.7.9
Linux ≫ Linux Kernel Version >= 4.8 < 4.8.3
Redhat ≫ Enterprise Linux Version5
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Aus Version6.2
Redhat ≫ Enterprise Linux Aus Version6.4
Redhat ≫ Enterprise Linux Aus Version6.5
Redhat ≫ Enterprise Linux Eus Version6.6
Redhat ≫ Enterprise Linux Eus Version6.7
Redhat ≫ Enterprise Linux Eus Version7.1
Redhat ≫ Enterprise Linux Long Life Version5.6
Redhat ≫ Enterprise Linux Long Life Version5.9
Redhat ≫ Enterprise Linux Tus Version6.5
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Fedoraproject ≫ Fedora Version23
Fedoraproject ≫ Fedora Version24
Fedoraproject ≫ Fedora Version25
Paloaltonetworks ≫ Pan-os Version >= 5.1 < 7.0.14
Paloaltonetworks ≫ Pan-os Version >= 7.1.0 < 7.1.8
Netapp ≫ Cloud Backup Version-
Netapp ≫ Hci Storage Nodes Version-
Netapp ≫ Oncommand Balance Version-
Netapp ≫ Oncommand Performance Manager Version-
Netapp ≫ Ontap Select Deploy Administration Utility Version-
Netapp ≫ Snapprotect Version-
03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Linux Kernel Race Condition Vulnerability
SchwachstelleRace condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
BeschreibungApply updates per vendor instructions.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.18% | 0.999 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.