Category:   OS (Linux)  >   Linux Kernel
Vendors:   kernel.org
(CentOS Issues Fix) Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1037094
SecurityTracker URL:  http://securitytracker.com/id/1037094
CVE Reference:   CVE-2016-5195
Date:  Oct 25 2016
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7
Description:   A vulnerability was reported in the Linux kernel. A local user can obtain root privileges on the target system.

A local user can exploit a race condition in the kernel memory subsystem's handling of copy-on-write operations on read-only memory mappings to overwrite kernel memory and gain kernel-level privileges.

This vulnerability is being actively exploited.

Some demonstration exploit code is listed at:

https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

Impact:   A local user can obtain root privileges on the target system.
Solution:   CentOS has issued a fix.

Cause:   Access control error, State error

Message History:   This archive entry is a follow-up to the message listed below.
Oct 22 2016 Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges



 Source Message Contents

Subject:  [CentOS-announce] CESA-2016:2098 Important CentOS 7 kernel Security Update


CentOS Errata and Security Advisory 2016:2098 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2098.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
afb7e2a7c3a38185b99f092b70ec274888a5beb136a7e5077559cbd29b3f55d7  kernel-3.10.0-327.36.3.el7.x86_64.rpm
1b33324ee4de14c03dde2eefb91bdee83082dd4ced6c0b94f5ab3253690bce38  kernel-abi-whitelists-3.10.0-327.36.3.el7.noarch.rpm
000ccd89b45a28645202add878b5e37d9a482df68fd5cf12914611098724eea7  kernel-debug-3.10.0-327.36.3.el7.x86_64.rpm
430e59db8a03d01f25ff602e766b96b06157fb881db68ca0cb81f229ec2609d6  kernel-debug-devel-3.10.0-327.36.3.el7.x86_64.rpm
5522697d3b016509dd3744e714d61e5d177921d2a045588730c1cd41713ba2c1  kernel-devel-3.10.0-327.36.3.el7.x86_64.rpm
b3fb9f23b5a2427d90e286350b1e7ded8ce6c3c2c5f7e191ee15bb8a70c981aa  kernel-doc-3.10.0-327.36.3.el7.noarch.rpm
ad0006f10828ff8890c5599982c57a5ed75a9fdc9aab90e0c8cba6422eb766ea  kernel-headers-3.10.0-327.36.3.el7.x86_64.rpm
3639553b0daacf8b577a5576d732eadae1aeef30cf61ca15dd755e439b5a8578  kernel-tools-3.10.0-327.36.3.el7.x86_64.rpm
b66a1c39f21081605dc3f19afc73236b5cb23a1de8d1bd1b14718165663de7ac  kernel-tools-libs-3.10.0-327.36.3.el7.x86_64.rpm
97f1708f020dc0c19c9abead5cabdf813aa56ffdf6f8956811669019d74980d8  kernel-tools-libs-devel-3.10.0-327.36.3.el7.x86_64.rpm
6101abe377f9c3f96f9a0b32840ccde2d60835af96ffbb1c787841e0a98bb755  perf-3.10.0-327.36.3.el7.x86_64.rpm
cd55f641ed83faeb33d35a7915c78f85f58a237612ffebdfd5f41e652472ce7b  python-perf-3.10.0-327.36.3.el7.x86_64.rpm

Source:
fc7d9058db4d12308f80993c446175e0fd45e413ffafa7b9b2b0c38a432a4a3c  kernel-3.10.0-327.36.3.el7.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
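
To confirm that a CentOS 7 host is running a kernel at or after the fixed build named in the package list above (3.10.0-327.36.3.el7), the release string has to be compared segment by segment the way RPM orders versions; a plain string comparison ranks `327.el7` above `327.36.3.el7`. The following is an added example, not part of the advisory or of CentOS tooling: `rpm_cmp` is a simplified reimplementation of RPM's segment ordering (no epoch, tilde or caret handling), and the function names are illustrative.

```python
import re

# Fixed build taken from the advisory's package names
# (kernel-3.10.0-327.36.3.el7). Only meaningful for the CentOS 7 el7 stream.
FIXED_VERSION, FIXED_RELEASE = "3.10.0", "327.36.3.el7"
ARCH_SUFFIX = re.compile(r"\.(x86_64|noarch|src)$")


def _segments(s):
    """Split into runs of digits or runs of letters; separators are dropped."""
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpm_cmp(a, b):
    """Return -1, 0 or 1, ordering a and b segment by segment as RPM does."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            # A numeric segment is newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def has_fix(kernel_release):
    """True if a CentOS 7 `uname -r` string is at or after the fixed build."""
    release = ARCH_SUFFIX.sub("", kernel_release.strip())
    version, sep, rel = release.partition("-")
    if not sep or ".el7" not in rel:
        raise ValueError("not a CentOS 7 kernel release: %r" % kernel_release)
    order = rpm_cmp(version, FIXED_VERSION) or rpm_cmp(rel, FIXED_RELEASE)
    return order >= 0


if __name__ == "__main__":
    import platform
    running = platform.release()  # same string as `uname -r`
    try:
        print(running, "has fix" if has_fix(running) else "NEEDS UPDATE")
    except ValueError as exc:
        print("skipped:", exc)
```

The check reads the running kernel, not the installed packages: a host that has installed the update but not yet rebooted into it still reports the old release.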