Back to KEVs

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling...

Basic Information

CVE State
PUBLISHED
Reserved Date
May 31, 2016
Published Date
November 10, 2016
Last Updated
January 29, 2025
Vendor
n/a
Product
n/a
Description
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

CVSS Scores

CVSS v3.1

7.0 - HIGH

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2022-03-03 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2022-01-17 08:45:28 UTC) Source

References

http://rhn.redhat.com/errata/RHSA-2016-2107.html https://www.exploit-db.com/exploits/40616/ https://access.redhat.com/errata/RHSA-2017:0372 https://bto.bluecoat.com/security-advisory/sa134 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html https://www.exploit-db.com/exploits/40839/ https://dirtycow.ninja https://www.exploit-db.com/exploits/40847/ http://rhn.redhat.com/errata/RHSA-2016-2118.html http://rhn.redhat.com/errata/RHSA-2016-2128.html https://source.android.com/security/bulletin/2016-12-01.html http://rhn.redhat.com/errata/RHSA-2016-2120.html http://www.openwall.com/lists/oss-security/2016/10/26/7 http://rhn.redhat.com/errata/RHSA-2016-2133.html http://rhn.redhat.com/errata/RHSA-2016-2098.html https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us https://www.kb.cert.org/vuls/id/243144 https://bugzilla.suse.com/show_bug.cgi?id=1004418 http://www.securitytracker.com/id/1037078 https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us https://security.netapp.com/advisory/ntap-20161025-0001/ http://www.securityfocus.com/bid/93793 http://rhn.redhat.com/errata/RHSA-2016-2127.html https://security-tracker.debian.org/tracker/CVE-2016-5195 https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails https://bugzilla.redhat.com/show_bug.cgi?id=1384344 https://access.redhat.com/security/vulnerabilities/2706661 http://rhn.redhat.com/errata/RHSA-2016-2106.html http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 https://www.exploit-db.com/exploits/40611/ https://access.redhat.com/security/cve/cve-2016-5195 https://source.android.com/security/bulletin/2016-11-01.html https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541 http://rhn.redhat.com/errata/RHSA-2016-2124.html http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 http://rhn.redhat.com/errata/RHSA-2016-2105.html http://rhn.redhat.com/errata/RHSA-2016-2126.html http://rhn.redhat.com/errata/RHSA-2016-2132.html http://rhn.redhat.com/errata/RHSA-2016-2110.html https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463 https://kc.mcafee.com/corporate/index?page=content&id=SB10176 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html http://www.openwall.com/lists/oss-security/2016/10/27/13 http://www.ubuntu.com/usn/USN-3106-2 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html http://www.ubuntu.com/usn/USN-3106-3 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770 https://kc.mcafee.com/corporate/index?page=content&id=SB10177 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html http://www.ubuntu.com/usn/USN-3105-2 http://www.ubuntu.com/usn/USN-3107-1 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774 http://www.ubuntu.com/usn/USN-3107-2 http://www.securityfocus.com/archive/1/540344/100/0/threaded http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html http://www.ubuntu.com/usn/USN-3106-1 http://www.ubuntu.com/usn/USN-3106-4 http://www.openwall.com/lists/oss-security/2016/10/30/1 http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html http://www.ubuntu.com/usn/USN-3104-2 http://fortiguard.com/advisory/FG-IR-16-063 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html http://www.securityfocus.com/archive/1/539611/100/0/threaded http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded http://www.ubuntu.com/usn/USN-3105-1 http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ http://www.openwall.com/lists/oss-security/2016/11/03/7 http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html https://kc.mcafee.com/corporate/index?page=content&id=SB10222 http://www.debian.org/security/2016/dsa-3696 http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded http://www.ubuntu.com/usn/USN-3104-1 http://www.securityfocus.com/archive/1/540736/100/0/threaded http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html http://www.openwall.com/lists/oss-security/2016/10/21/1 http://www.securityfocus.com/archive/1/540252/100/0/threaded http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html https://security.paloaltonetworks.com/CVE-2016-5195 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 http://www.openwall.com/lists/oss-security/2022/03/07/1 http://www.openwall.com/lists/oss-security/2022/08/08/2 http://www.openwall.com/lists/oss-security/2022/08/08/1 http://www.openwall.com/lists/oss-security/2022/08/08/7 http://www.openwall.com/lists/oss-security/2022/08/08/8 http://www.openwall.com/lists/oss-security/2022/08/09/4 http://www.openwall.com/lists/oss-security/2022/08/15/1

Known Exploited Vulnerability Information

Source Added Date
CISA 2022-03-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

ASUKA39/CVE-2016-5195

Type: github • Created: 2024-04-05 07:14:07 UTC • Stars: 0

DirtyCOW 笔记

ZhiQiAnSecFork/DirtyCOW_CVE-2016-5195

Type: github • Created: 2023-12-15 07:47:39 UTC • Stars: 0

EDLLT/CVE-2016-5195-master

Type: github • Created: 2023-11-29 03:34:10 UTC • Stars: 0

h1n4mx0/Research-CVE-2016-5195

Type: github • Created: 2023-10-26 01:54:49 UTC • Stars: 0

fei9747/CVE-2016-5195

Type: github • Created: 2022-11-29 09:56:20 UTC • Stars: 0

malinthag62/The-exploitation-of-Dirty-Cow-CVE-2016-5195

Type: github • Created: 2022-05-18 10:51:23 UTC • Stars: 1

The Repository contains documents that explains the explotation of CVE-2016-5195

TotallyNotAHaxxer/CVE-2016-5195

Type: github • Created: 2022-04-08 18:18:36 UTC • Stars: 1

Ported golang version of dirtycow.c

KasunPriyashan/Y2S1-Project-Linux-Exploitaion-using-CVE-2016-5195-Vulnerability

Type: github • Created: 2022-01-17 08:45:28 UTC • Stars: 0

arttnba3/CVE-2016-5195

Type: github • Created: 2021-04-16 05:59:04 UTC • Stars: 2

my personal POC of CVE-2016-5195(dirtyCOW)

DanielEbert/CVE-2016-5195

Type: github • Created: 2020-12-20 19:17:10 UTC • Stars: 1

DirtyCOW Exploit for Android

dulanjaya23/Dirty-Cow-CVE-2016-5195-

Type: github • Created: 2020-05-12 17:10:38 UTC • Stars: 0

This is a Dirty Cow (CVE-2016-5195) privilege escalation vulnerability exploit

shanuka-ashen/Dirty-Cow-Explanation-CVE-2016-5195-

Type: github • Created: 2020-05-11 19:25:26 UTC • Stars: 0

zakariamaaraki/Dirty-COW-CVE-2016-5195-

Type: github • Created: 2019-11-26 01:18:41 UTC • Stars: 0

Exploit the dirtycow vulnerability to login as root

jas502n/CVE-2016-5195

Type: github • Created: 2019-08-13 10:38:49 UTC • Stars: 6

Linux 本地提权漏洞

acidburnmi/CVE-2016-5195-master

Type: github • Created: 2017-12-06 17:36:19 UTC • Stars: 0

titanhp/Dirty-COW-CVE-2016-5195-Testing

Type: github • Created: 2017-10-19 02:04:50 UTC • Stars: 1

Dirty COW (CVE-2016-5195) Testing

sribaba/android-CVE-2016-5195

Type: github • Created: 2017-01-15 03:56:27 UTC • Stars: 0

ndobson/inspec_CVE-2016-5195

Type: github • Created: 2016-12-08 22:41:51 UTC • Stars: 0

Inspec profile for detecting CVE-2016-5195 aka Dirty COW

whu-enjoy/CVE-2016-5195

Type: github • Created: 2016-11-17 02:20:09 UTC • Stars: 9

这里保留着部分脏牛漏洞的利用代码

ldenevi/CVE-2016-5195

Type: github • Created: 2016-11-06 14:38:04 UTC • Stars: 0

Recent Linux privilege escalation exploit

oleg-fiksel/ansible_CVE-2016-5195_check

Type: github • Created: 2016-10-29 19:15:20 UTC • Stars: 6

gbonacini/CVE-2016-5195

Type: github • Created: 2016-10-23 00:16:33 UTC • Stars: 326

A CVE-2016-5195 exploit example.

timwr/CVE-2016-5195

Type: github • Created: 2016-10-21 11:19:21 UTC • Stars: 973

CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

ASRTeam/CVE-2016-5195

Type: github • Created: 2016-10-21 06:06:05 UTC • Stars: 1