Exploit the possiblities
Showing 1 - 25 of 34 RSS Feed

CVE-2016-5195

Status Candidate

Overview

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Related Files

HP Security Bulletin HPESBGN03761 1
Posted Jun 16, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03761 1 - A security vulnerability in Linux kernel, also known as "Dirty COW", has been addressed in HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer Virtual appliance. This vulnerability could be exploited remotely to allow escalation of privilege. Revision 1 of this advisory.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | c9719f48003ae5a721583c7b1781b623
Kernel Live Patch Security Notice LSN-0021-1
Posted Apr 15, 2017
Authored by Benjamin M. Romer

Several security issues were fixed in the kernel. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash). Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2016-5195, CVE-2016-7910, CVE-2016-7911, CVE-2016-7912, CVE-2016-7916, CVE-2016-8399, CVE-2016-8630, CVE-2016-8633, CVE-2016-9191, CVE-2016-9555, CVE-2016-9756, CVE-2017-2583, CVE-2017-6074, CVE-2017-7308
MD5 | 878ad898ccfcd692664025f15c5ea754
HP Security Bulletin HPESBGN03722 1
Posted Mar 31, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03722 1 - A security vulnerability in Linux kernel, also known as "Dirty COW", has been addressed in HPE Operations Agent. This vulnerability could be exploited locally to allow escalation of privilege. Revision 1 of this advisory.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | 6e048f342c976bad5812d28b477f7348
HP Security Bulletin HPESBGN03707 1
Posted Mar 11, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03707 1 - HPE has identified two VMware security advisories affecting the HPE ConvergedSystem 700 2.0 VMware Kit. The vulnerability could be exploited remotely to allow an increase of privilege. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-5195, CVE-2016-7457
MD5 | 16f3e53e9a48af65828e29bdd8ef1013
HP Security Bulletin HPSBGN03680 1
Posted Dec 1, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03680 1 - Potential security vulnerabilities were identified in HPE Propel. The vulnerabilities could be exploited locally to allow escalation of privilege or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-1669, CVE-2016-4997, CVE-2016-5195
MD5 | 8b5a6009b583e9e0c6a830265c78e74c
HP Security Bulletin HPSBHF03682 1
Posted Nov 30, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03682 1 - A security vulnerability in the Linux kernel could potentially impact HPE Comware 7 network products. The vulnerability could be exploited locally to gain privileged access. Revision 1 of this advisory.

tags | advisory, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | 7630d3a934b144d82cd08e94aa6ae34d
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
Posted Nov 28, 2016
Authored by FireFart

This exploit uses the pokemon exploit as a base and automatically generates a new passwd line. The original /etc/passwd is then backed up to /tmp/passwd.bak and overwritten with the new line. The user will be prompted for the new password when the binary is run. After running the exploit you should be able to login with the newly created user.

tags | exploit
advisories | CVE-2016-5195
MD5 | 2d84b48a3c7259bdcfc8b09a0c2ed0c2
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
Posted Nov 25, 2016
Authored by Phil Oester

Linux kernel versions 2.6.22 and below 3.9 Dirty COW PTRACE_POKEDATA race condition privilege escalation exploit that provides write access.

tags | exploit, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | cd99656821f9a7a8679fc8c4c258ee15
Red Hat Security Advisory 2016-2133-01
Posted Nov 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2133-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4470, CVE-2016-5195
MD5 | d5b07c315a355e661a7fdbaa934654a7
Red Hat Security Advisory 2016-2132-01
Posted Nov 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2132-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | cdbfd29f7f1e5342fd94478ac3c72a1d
Red Hat Security Advisory 2016-2128-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2128-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470, CVE-2016-5195
MD5 | fb99ecab5d659bd43730c6df818651e2
Red Hat Security Advisory 2016-2127-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2127-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 175155c18e9b6f574eeecbff9a379989
Red Hat Security Advisory 2016-2126-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 9acd7fac3959493a5fb5551f0cf58b09
Red Hat Security Advisory 2016-2124-01
Posted Oct 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2124-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-1583, CVE-2016-5195
MD5 | 07b68525c33d0f626da8f190a7337e24
Red Hat Security Advisory 2016-2120-01
Posted Oct 27, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 81fa87cf714f78bd02f4b7b24c5f2e82
Red Hat Security Advisory 2016-2118-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2118-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 5a57987df84f11b88d23afb3507bd17f
Red Hat Security Advisory 2016-2110-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2110-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195, CVE-2016-7039
MD5 | 88e4fe5ab45eef19cd0bf51fa78999bb
Red Hat Security Advisory 2016-2107-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2107-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195, CVE-2016-7039
MD5 | 9edc79016fb7ce862d94d9f81680bb4d
Red Hat Security Advisory 2016-2106-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2106-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 8ac9c8348677102180c40468abf6803f
Red Hat Security Advisory 2016-2105-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2105-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 8bd741b32bf98367f948fd2087d5d519
Ubuntu Security Notice USN-3107-2
Posted Oct 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3107-2 - It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5195
MD5 | 47563cd04c60fbee4f488185fed44b92
Red Hat Security Advisory 2016-2098-01
Posted Oct 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2098-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 82cd6861b6dcb0b6ba82f6ce5e20a4a2
DirtyCow Local Root Proof Of Concept
Posted Oct 21, 2016
Authored by Robin Verton

DirtyCow local root proof of concept exploit that overwrites passwd.

tags | exploit, local, root, proof of concept
advisories | CVE-2016-5195
MD5 | 121f1c681c29b7ccd0d3886ff9506757
DirtyCow Linux Kernel Race Condition
Posted Oct 21, 2016
Authored by dirtycow, Phil Oester | Site github.com

This exploit demonstrates a race condition in the Linux kernel's memory subsystem and how it handles the copy-on-write (COW) breakage of private read-only memory mappings.

tags | exploit, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | 1dcf363c8d922bfcf4a86e9422511d31
Kernel Live Patch Security Notice LSN-0012-1
Posted Oct 20, 2016
Authored by Luis Henriques

Vladimir Benes discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.

tags | advisory, remote, denial of service, kernel, local
systems | linux
advisories | CVE-2016-5195, CVE-2016-7039, CVE-2016-8666
MD5 | edeba226c2ac5f34fa32774519f42c74
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close