cbcvebase.
CVE-2016-5195
published 2016-11-10

CVE-2016-5195: Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a…

high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-03-24
Exploited in the wild
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Affected

49 ranges· showing 25
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debiandebian_linux
debianlinux< linux 4.7.8-1 (bookworm)linux 4.7.8-1 (bookworm)
debianlinux< linux 6.0.2-1 (bookworm)linux 6.0.2-1 (bookworm)
fedoraprojectfedora
fedoraprojectfedora
fedoraprojectfedora
googleandroid
linuxlinux
linuxlinux>= 9ae0f87d009ca6c4aab2882641ddfc319727e3db < 9def52eb10baab3b700858003d462fcf17d628739def52eb10baab3b700858003d462fcf17d62873
linuxlinux>= 9ae0f87d009ca6c4aab2882641ddfc319727e3db < 5535be3099717646781ce1540cf725965d680e7b5535be3099717646781ce1540cf725965d680e7b
linuxlinux_kernel
linuxlinux_kernel>= 0 < 4.7.8-14.7.8-1
linuxlinux_kernel>= 0 < 6.0.2-16.0.2-1
linuxlinux_kernel>= 0 < 4.7.8-14.7.8-1
linuxlinux_kernel>= 0 < 6.0.2-16.0.2-1
linuxlinux_kernel>= 0 < 4.7.8-14.7.8-1
linuxlinux_kernel>= 0 < 6.0.2-16.0.2-1
linuxlinux_kernel>= 0 < 4.7.8-14.7.8-1
linuxlinux_kernel>= 2.6.22 < 3.2.833.2.83
linuxlinux_kernel>= 3.11 < 3.12.663.12.66

CVSS provenance

nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.0HIGH
vulncheck7.0HIGH
cisa7.0HIGH