CyberSec.Space Logo
Back to CVE Browser

CVE-2016-5195

Known Exploited (CISA KEV)HIGH
7.0
CVSS Severity Score
EPSS Score32.9130%
EPSS Percentile97.01th
PublishedNov 10, 2016
Last ModifiedApr 21, 2026

Vulnerability Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Affected Platforms (CPE)

πŸ’»
Canonical

Ubuntu Linux

= 12.04
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 16.10
πŸ’»
Linux

Linux Kernel

>= 2.6.22 and < 3.2.83
πŸ’»
Linux

Linux Kernel

>= 3.3 and < 3.4.113
πŸ’»
Linux

Linux Kernel

>= 3.5 and < 3.10.104
πŸ’»
Linux

Linux Kernel

>= 3.11 and < 3.12.66
πŸ’»
Linux

Linux Kernel

>= 3.13 and < 3.16.38
πŸ’»
Linux

Linux Kernel

>= 3.17 and < 3.18.44
πŸ’»
Linux

Linux Kernel

>= 3.19 and < 4.1.35
πŸ’»
Linux

Linux Kernel

>= 4.2 and < 4.4.26
πŸ’»
Linux

Linux Kernel

>= 4.5 and < 4.7.9
πŸ’»
Linux

Linux Kernel

>= 4.8 and < 4.8.3
πŸ’»
Redhat

Enterprise Linux

= 5
πŸ’»
Redhat

Enterprise Linux

= 6.0
πŸ’»
Redhat

Enterprise Linux

= 7.0
πŸ’»
Redhat

Enterprise Linux Aus

= 6.2
πŸ’»
Redhat

Enterprise Linux Aus

= 6.4
πŸ’»
Redhat

Enterprise Linux Aus

= 6.5
πŸ’»
Redhat

Enterprise Linux Eus

= 6.6
πŸ’»
Redhat

Enterprise Linux Eus

= 6.7
πŸ’»
Redhat

Enterprise Linux Eus

= 7.1
πŸ’»
Redhat

Enterprise Linux Long Life

= 5.6
πŸ’»
Redhat

Enterprise Linux Long Life

= 5.9
πŸ’»
Redhat

Enterprise Linux Tus

= 6.5
πŸ’»
Debian

Debian Linux

= 7.0
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Fedoraproject

Fedora

= 23
πŸ’»
Fedoraproject

Fedora

= 24
πŸ’»
Fedoraproject

Fedora

= 25
πŸ’»
Paloaltonetworks

Pan Os

>= 5.1 and < 7.0.14
πŸ’»
Paloaltonetworks

Pan Os

>= 7.1.0 and < 7.1.8
πŸ“¦
Netapp

Cloud Backup

All versions
πŸ“¦
Netapp

Hci Storage Nodes

All versions
πŸ“¦
Netapp

Oncommand Balance

All versions
πŸ“¦
Netapp

Oncommand Performance Manager

All versions
πŸ“¦
Netapp

Oncommand Unified Manager For Clustered Data Ontap

All versions
πŸ“¦
Netapp

Ontap Select Deploy Administration Utility

All versions
πŸ“¦
Netapp

Snapprotect

All versions
πŸ“¦
Netapp

Solidfire

All versions

References & Advisories

πŸ”— http://fortiguard.com/advisory/FG-IR-16-063
πŸ”— http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
πŸ”— http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770
πŸ”— http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774
πŸ”— http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html

Related Vulnerabilities

CVE-2021-344239.8

A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before ve...

CVE-2018-66349.8

A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maint...

CVE-2021-34938.8

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file cap...

CVE-2021-34928.8

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during cop...

CVE-2016-5195 Detail & Impact Analysis | CVSS 7.0 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space