English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.882583
Category:CentOS Local Security Checks
Title:CentOS Update for kernel CESA-2016:2098 centos7
Summary:Check the version of kernel
Description:Summary:
Check the version of kernel

Vulnerability Insight:
The kernel packages contain the
Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition was found in the way the Linux kernel's memory subsystem
handled the copy-on-write (COW) breakage of private read-only memory
mappings. An unprivileged, local user could use this flaw to gain write
access to otherwise read-only memory mappings and thus increase their
privileges on the system. (CVE-2016-5195, Important)

Red Hat would like to thank Phil Oester for reporting this issue.

Affected Software/OS:
kernel on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-5195
BugTraq ID: 93793
http://www.securityfocus.com/bid/93793
Bugtraq: 20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability (Google Search)
http://www.securityfocus.com/archive/1/539611/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded
Bugtraq: 20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540252/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded
Bugtraq: 20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540344/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded
Bugtraq: 20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege (Google Search)
http://www.securityfocus.com/archive/1/540736/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded
CERT/CC vulnerability note: VU#243144
https://www.kb.cert.org/vuls/id/243144
Cisco Security Advisory: 20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux
Cisco Security Advisory: 20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd
Debian Security Information: DSA-3696 (Google Search)
http://www.debian.org/security/2016/dsa-3696
https://www.exploit-db.com/exploits/40611/
https://www.exploit-db.com/exploits/40616/
https://www.exploit-db.com/exploits/40839/
https://www.exploit-db.com/exploits/40847/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html
https://dirtycow.ninja
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026
http://www.openwall.com/lists/oss-security/2016/10/21/1
http://www.openwall.com/lists/oss-security/2016/10/26/7
http://www.openwall.com/lists/oss-security/2016/10/27/13
http://www.openwall.com/lists/oss-security/2016/10/30/1
http://www.openwall.com/lists/oss-security/2016/11/03/7
http://www.openwall.com/lists/oss-security/2022/03/07/1
http://www.openwall.com/lists/oss-security/2022/08/08/1
http://www.openwall.com/lists/oss-security/2022/08/08/2
http://www.openwall.com/lists/oss-security/2022/08/08/7
http://www.openwall.com/lists/oss-security/2022/08/08/8
http://www.openwall.com/lists/oss-security/2022/08/09/4
http://www.openwall.com/lists/oss-security/2022/08/15/1
RedHat Security Advisories: RHSA-2016:2098
http://rhn.redhat.com/errata/RHSA-2016-2098.html
RedHat Security Advisories: RHSA-2016:2105
http://rhn.redhat.com/errata/RHSA-2016-2105.html
RedHat Security Advisories: RHSA-2016:2106
http://rhn.redhat.com/errata/RHSA-2016-2106.html
RedHat Security Advisories: RHSA-2016:2107
http://rhn.redhat.com/errata/RHSA-2016-2107.html
RedHat Security Advisories: RHSA-2016:2110
http://rhn.redhat.com/errata/RHSA-2016-2110.html
RedHat Security Advisories: RHSA-2016:2118
http://rhn.redhat.com/errata/RHSA-2016-2118.html
RedHat Security Advisories: RHSA-2016:2120
http://rhn.redhat.com/errata/RHSA-2016-2120.html
RedHat Security Advisories: RHSA-2016:2124
http://rhn.redhat.com/errata/RHSA-2016-2124.html
RedHat Security Advisories: RHSA-2016:2126
http://rhn.redhat.com/errata/RHSA-2016-2126.html
RedHat Security Advisories: RHSA-2016:2127
http://rhn.redhat.com/errata/RHSA-2016-2127.html
RedHat Security Advisories: RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2128.html
RedHat Security Advisories: RHSA-2016:2132
http://rhn.redhat.com/errata/RHSA-2016-2132.html
RedHat Security Advisories: RHSA-2016:2133
http://rhn.redhat.com/errata/RHSA-2016-2133.html
RedHat Security Advisories: RHSA-2017:0372
https://access.redhat.com/errata/RHSA-2017:0372
http://www.securitytracker.com/id/1037078
SuSE Security Announcement: SUSE-SU-2016:2585 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html
SuSE Security Announcement: SUSE-SU-2016:2592 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html
SuSE Security Announcement: SUSE-SU-2016:2593 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html
SuSE Security Announcement: SUSE-SU-2016:2596 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html
SuSE Security Announcement: SUSE-SU-2016:2614 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html
SuSE Security Announcement: SUSE-SU-2016:2629 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html
SuSE Security Announcement: SUSE-SU-2016:2630 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html
SuSE Security Announcement: SUSE-SU-2016:2631 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html
SuSE Security Announcement: SUSE-SU-2016:2632 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html
SuSE Security Announcement: SUSE-SU-2016:2633 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html
SuSE Security Announcement: SUSE-SU-2016:2634 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html
SuSE Security Announcement: SUSE-SU-2016:2635 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html
SuSE Security Announcement: SUSE-SU-2016:2636 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html
SuSE Security Announcement: SUSE-SU-2016:2637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html
SuSE Security Announcement: SUSE-SU-2016:2638 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html
SuSE Security Announcement: SUSE-SU-2016:2655 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html
SuSE Security Announcement: SUSE-SU-2016:2657 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html
SuSE Security Announcement: SUSE-SU-2016:2658 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html
SuSE Security Announcement: SUSE-SU-2016:2659 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html
SuSE Security Announcement: SUSE-SU-2016:2673 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html
SuSE Security Announcement: SUSE-SU-2016:3069 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html
SuSE Security Announcement: SUSE-SU-2016:3304 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html
SuSE Security Announcement: openSUSE-SU-2016:2583 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html
SuSE Security Announcement: openSUSE-SU-2016:2584 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html
SuSE Security Announcement: openSUSE-SU-2016:2625 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html
SuSE Security Announcement: openSUSE-SU-2016:2649 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html
SuSE Security Announcement: openSUSE-SU-2020:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html
http://www.ubuntu.com/usn/USN-3104-1
http://www.ubuntu.com/usn/USN-3104-2
http://www.ubuntu.com/usn/USN-3105-1
http://www.ubuntu.com/usn/USN-3105-2
http://www.ubuntu.com/usn/USN-3106-1
http://www.ubuntu.com/usn/USN-3106-2
http://www.ubuntu.com/usn/USN-3106-3
http://www.ubuntu.com/usn/USN-3106-4
http://www.ubuntu.com/usn/USN-3107-1
http://www.ubuntu.com/usn/USN-3107-2
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.