« List of all CVEs

CVE-2016-5195

Published: 11/10/2016 Last updated: 11/4/2025 Reserved: 5/31/2016

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

CNA assigner: Chrome (ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28) Requested by: n/a

Metrics

Version Score Severity Vector String
3.1 7 High CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (2)

Product Vendor Version
n/a n/a 2.6-GA-01-23116 and prior (Windows 10, 11, Windows Server 2016, 2019, 2022)
n/a n/a < 10.0.17763.3887

References (508)