{
  "threat_severity" : "Important",
  "public_date" : "2016-10-19T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: mm: privilege escalation via MAP_PRIVATE COW breakage",
    "id" : "1384344",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
  },
  "cvss" : {
    "cvss_base_score" : "6.9",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.8",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "details" : [ "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"", "A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system." ],
  "statement" : "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG 2.x. This issue has been rated as having Important security impact.",
  "acknowledgement" : "Red Hat would like to thank Phil Oester for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2016-10-28T00:00:00Z",
    "advisory" : "RHSA-2016:2124",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-416.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.6 Long Life",
    "release_date" : "2016-10-31T00:00:00Z",
    "advisory" : "RHSA-2016:2127",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:5.6",
    "package" : "kernel-0:2.6.18-238.57.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.9 Long Life",
    "release_date" : "2016-10-31T00:00:00Z",
    "advisory" : "RHSA-2016:2126",
    "cpe" : "cpe:/o:redhat:rhel_aus:5.9",
    "package" : "kernel-0:2.6.18-348.32.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2016-10-26T00:00:00Z",
    "advisory" : "RHSA-2016:2105",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-642.6.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.2 Advanced Update Support",
    "release_date" : "2016-11-01T00:00:00Z",
    "advisory" : "RHSA-2016:2132",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:6.2",
    "package" : "kernel-0:2.6.32-220.68.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.4 Advanced Update Support",
    "release_date" : "2016-11-01T00:00:00Z",
    "advisory" : "RHSA-2016:2133",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.4",
    "package" : "kernel-0:2.6.32-358.75.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.5 Advanced Update Support",
    "release_date" : "2016-10-27T00:00:00Z",
    "advisory" : "RHSA-2016:2120",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.5",
    "package" : "kernel-0:2.6.32-431.75.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.5 Telco Extended Update Support",
    "release_date" : "2016-10-27T00:00:00Z",
    "advisory" : "RHSA-2016:2120",
    "cpe" : "cpe:/o:redhat:rhel_tus:6.5",
    "package" : "kernel-0:2.6.32-431.75.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.6 Extended Update Support",
    "release_date" : "2016-10-31T00:00:00Z",
    "advisory" : "RHSA-2016:2128",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.6",
    "package" : "kernel-0:2.6.32-504.54.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.7 Extended Update Support",
    "release_date" : "2016-10-26T00:00:00Z",
    "advisory" : "RHSA-2016:2106",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.7",
    "package" : "kernel-0:2.6.32-573.35.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-10-26T00:00:00Z",
    "advisory" : "RHSA-2016:2110",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-327.36.3.rt56.238.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-10-24T00:00:00Z",
    "advisory" : "RHSA-2016:2098",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-327.36.3.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2017-03-02T00:00:00Z",
    "advisory" : "RHSA-2017:0372",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-aarch64-0:4.5.0-15.2.1.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7.1 Extended Update Support",
    "release_date" : "2016-10-26T00:00:00Z",
    "advisory" : "RHSA-2016:2118",
    "cpe" : "cpe:/o:redhat:rhel_eus:7.1",
    "package" : "kernel-0:3.10.0-229.42.2.ael7b"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2016-10-26T00:00:00Z",
    "advisory" : "RHSA-2016:2107",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-1:3.10.0-327.rt56.198.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-5195\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-5195\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog" ],
  "csaw" : true,
  "name" : "CVE-2016-5195",
  "mitigation" : {
    "value" : "Please see bug 1384344 comment #13 (https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13) for details on how to mitigate this issue.",
    "lang" : "en:us"
  }
}