CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.4%
Severity: High
Date : 2016-10-21
CVE-ID : CVE-2016-5195
Package : linux-lts
Type : privilege escalation
Remote : No
Link : https://wiki.archlinux.org/index.php/CVE
The package linux-lts before version 4.4.26-1 is vulnerable to
privilege escalation.
Upgrade to 4.4.26-1.
The problem has been fixed upstream in version 4.4.26.
None.
A race condition was found in the way the Linux kernel’s memory
subsystem handled the copy-on-write (COW) breakage of private read-only
memory mappings. An unprivileged local user could use this flaw to gain
write access to otherwise read-only memory mappings and thus increase
their privileges on the system.
An unprivileged local attacker is able to elevate their privileges on
the system and gain root access.
https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
https://access.redhat.com/security/cve/CVE-2016-5195
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.4%