Privilege Escalation Vulnerability in Linux Kernel by The Linux Foundation
CVE-2016-5195
Key Information:
- Vendor
Canonical
- Status
- Vendor
- CVE Published:
- 10 November 2016
Badges
What is CVE-2016-5195?
A race condition exists in the Linux kernel that allows local users to gain elevated privileges. By exploiting improper handling of copy-on-write (COW) memory mappings, an attacker could modify files that are meant to be read-only. This vulnerability, known as 'Dirty COW', was notably used in attacks as early as October 2016, facilitating unauthorized access and modification capabilities.
CISA has reported CVE-2016-5195
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2016-5195 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
94% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 🦅
CISA Reported
Vulnerability published
Vulnerability Reserved