Lucene search
CentOS ProjectCESA-2016:2105HistoryOct 26, 2016 - 7:33 a.m.
kernel, perf, python security update
2016-10-2607:33:13
CentOS Project
lists.centos.org
90
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.817
Percentile
98.4%
CentOS Errata and Security Advisory CESA-2016:2105
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)
Red Hat would like to thank Phil Oester for reporting this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-October/084296.html
Affected packages:
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-firmware
kernel-headers
perf
python-perf
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:2105
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 6 | i686 | kernel | < 2.6.32-642.6.2.el6 | kernel-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | noarch | kernel-abi-whitelists | < 2.6.32-642.6.2.el6 | kernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpm |
| CentOS | 6 | i686 | kernel-debug | < 2.6.32-642.6.2.el6 | kernel-debug-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | i686 | kernel-debug-devel | < 2.6.32-642.6.2.el6 | kernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | i686 | kernel-devel | < 2.6.32-642.6.2.el6 | kernel-devel-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | noarch | kernel-doc | < 2.6.32-642.6.2.el6 | kernel-doc-2.6.32-642.6.2.el6.noarch.rpm |
| CentOS | 6 | noarch | kernel-firmware | < 2.6.32-642.6.2.el6 | kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm |
| CentOS | 6 | i686 | kernel-headers | < 2.6.32-642.6.2.el6 | kernel-headers-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | i686 | perf | < 2.6.32-642.6.2.el6 | perf-2.6.32-642.6.2.el6.i686.rpm |
| CentOS | 6 | i686 | python-perf | < 2.6.32-642.6.2.el6 | python-perf-2.6.32-642.6.2.el6.i686.rpm |
Related
suse
suse
Security update for Linux Kernel Live Patch 15 for SLE 12 (important)
2016-10-27 01:06:19
Security update for the Linux Kernel (important)
2016-10-24 17:08:24
Security update for the Linux Kernel (important)
2016-10-21 21:08:21
archlinux
archlinux
[ASA-201610-11] linux-lts: privilege escalation
2016-10-21 00:00:00
[ASA-201610-14] linux: privilege escalation
2016-10-22 00:00:00
[ASA-201610-16] linux-grsec: privilege escalation
2016-10-24 00:00:00
ubuntu
ubuntu
Linux kernel (Raspberry Pi 2) vulnerability
2016-10-20 00:00:00
Linux kernel vulnerability
2016-10-20 00:00:00
Linux kernel vulnerability
2016-10-20 00:00:00
ibm
ibm
nessus
nessus
F5 Networks BIG-IP : Linux privilege-escalation vulnerability (K10558632) (Dirty COW)
2017-02-22 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3633)
2016-10-24 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2593-1) (Dirty COW)
2016-10-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3107-2)
2016-12-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2592-1)
2021-04-19 00:00:00
Fedora Update for kernel FEDORA-2016-db4b75b352
2016-11-14 00:00:00
canvas
canvas
Immunity Canvas: LINUX_FOLL_WRITE_COW
2016-11-10 21:59:00
redhat
redhat
(RHSA-2016:2132) Important: kernel security and bug fix update
2016-11-01 10:16:02
(RHSA-2016:2126) Important: kernel security update
2016-10-31 00:00:00
(RHSA-2016:2098) Important: kernel security update
2016-10-24 12:01:05
saint
saint
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
cisa
cisa
Linux Kernel Vulnerability
2016-10-21 00:00:00
f5
f5
K10558632 : Linux privilege-escalation vulnerability CVE-2016-5195
2016-10-21 00:00:00
packetstorm
packetstorm
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
2016-11-28 00:00:00
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
2016-11-25 00:00:00
cve
cve
CVE-2016-5195
2016-11-10 21:59:00
CVE-2016-3919
2016-11-25 18:59:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2016-10-21 00:00:00
kernel security update
2016-10-24 00:00:00
Unbreakable Enterprise kernel security update
2016-10-21 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24
2016-10-22 17:20:39
[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25
2016-10-22 12:53:27
[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23
2016-10-23 22:49:20
centos
centos
kernel, perf, python security update
2016-10-25 11:17:10
kernel security update
2016-10-28 13:34:09
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:14:05
zdt
zdt
ubuntucve
ubuntucve
CVE-2016-5195
2016-10-19 00:00:00
seebug
seebug
Linux kernel 2.6.22 < 3.9 elevation of privilege vulnerability
(Dirty COW)
2016-10-22 00:00:00
"Huge Dirty COW" (CVE-2017–1000405)
2017-11-30 00:00:00
huawei
huawei
Security Advisory - Dirty COW Vulnerability in Huawei Products
2016-12-07 00:00:00
debiancve
debiancve
CVE-2016-5195
2016-11-10 21:59:00
securelist
securelist
Mobile malware evolution 2019
2020-02-25 10:00:43
thn
thn
Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild
2016-10-20 23:02:00
'Exodus' Surveillance Malware Found Targeting Apple iOS Users
2019-04-09 07:19:00
RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations
2024-06-24 07:49:00
android
android
CVE-2016-5195
2016-11-01 00:00:00
dirtyc0w
2016-10-13 00:00:00
chrome
chrome
Stable Channel Update for Chrome OS
2016-10-26 00:00:00
cvelist
cvelist
CVE-2016-5195
2016-11-10 21:00:00
exploitdb
exploitdb
paloalto
paloalto
Kernel Vulnerability
2017-02-21 19:30:00
prion
prion
Race condition
2016-11-10 21:59:00
fortinet
fortinet
Linux Kernel Dirty Cow Vulnerability
2016-11-09 00:00:00
amazon
amazon
Critical: kernel
2016-10-20 04:11:00
vmware
vmware
cisa_kev
cisa_kev
Linux Kernel Race Condition Vulnerability
2022-03-03 00:00:00
cert
cert
slackware
slackware
[slackware-security] kernel
2016-11-01 03:40:05
threatpost
threatpost
Serious Dirty Cow Linux Vulnerability Under Attack
2016-10-21 11:21:36
Flaw Found In Dirty COW Patch
2017-12-01 11:43:06
Dirty Cow Vulnerability Patched in Android Security Bulletin
2016-12-05 15:32:51
arista
arista
Security Advisory 0026
2016-10-21 00:00:00
cisco
cisco
Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
2016-10-26 15:00:00
nvd
nvd
CVE-2016-5195
2016-11-10 21:59:00
CVE-2016-3919
2016-11-25 18:59:00
attackerkb
attackerkb
CVE-2016-5195
2016-11-10 00:00:00
altlinux
altlinux
myhack58
myhack58
malwarebytes
malwarebytes
Linux “Dirty Pipe” vulnerability gives unprivileged users root access
2022-03-11 14:38:30
githubexploit
githubexploit
Exploit for Improper Initialization in Linux Linux Kernel
2022-03-07 18:36:50
Exploit for Improper Initialization in Linux Linux Kernel
2022-03-08 20:18:28
Exploit for Improper Initialization in Linux Linux Kernel
2022-04-15 09:11:43
redhatcve
redhatcve
CVE-2017-1000405
2017-11-30 07:49:34
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.817
Percentile
98.4%
Related for CESA-2016:2105