Linux Kernel Local Privilege Escalation Vulnerability (CVE-2016-5195)

Description:

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. All the information we have so far is included in this page.

The bug has existed since around 2.6.22 (released in 2007) and was fixed on Oct 18, 2016.

More Information per Operating System:

Please make sure to verify if patched version of your kernel has been released for your Operating system vendors before updating it.

Red Hat and CentOS:
https://access.redhat.com/security/vulnerabilities/2706661

Debian:
https://security-tracker.debian.org/tracker/CVE-2016-5195

Ubuntu:
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

Is my system vulnerable ?

For CentOS/Red Hat:

You can use a script provided by Red Hat to test your system.

Run:

wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_3.sh
bash rh-cve-2016-5195_3.sh

For Debian and Ubuntu:

If your kernel version is earlier than the following, you are affected:

Debian 7: 3.2.82-1
Debian 8: 3.16.36-1+deb8u2
Ubuntu 12.04 LTS: 3.2.0-113.155
Ubuntu 14.04 LTS: 3.13.0-100.147
Ubuntu 16.04 LTS: 4.4.0-45.66
Ubuntu 16.10: 4.8.0-26.28

Resolution:

On CentOS and Red Hat Enterprise Linux :

Run:

yum clean all
yum install kernel
reboot

Note: for Smart Servers, replace the yum install kernel line with the following command:

yum update kernel-xen


On Ubuntu and Debian:

Run:

sudo apt-get update
sudo apt-get install linux-generic
reboot

We suggest that you subscribe to your operating system notification system at the following URLs:

Red Hat - RHSA-announce (http://www.redhat.com/mailman/listinfo/rhsa-announce)
CentOS - CentOS-announce (https://lists.centos.org/mailman/listinfo/centos-announce)
Ubuntu - ubuntu-security-announce (https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce)
Debian - debian-security-announce (https://lists.debian.org/debian-security-announce/)

References:

https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://access.redhat.com/security/vulnerabilities/2706661

https://access.redhat.com/security/cve/cve-2016-5195
https://security-tracker.debian.org/tracker/CVE-2016-5195

https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk