(CentOS Issues Fix) Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges
|
SecurityTracker Alert ID: 1037094 |
SecurityTracker URL: http://securitytracker.com/id/1037094
|
CVE Reference:
CVE-2016-5195
(Links to External Site)
|
Date: Oct 25 2016
|
Impact:
Execution of arbitrary code via local system, Root access via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 7
|
Description:
A vulnerability was reported in the Linux kernel. A local user can obtain root privileges on the target system.
A local user can a race condition in the kernel memory subsystem in the management of copy-on-write operations on read-only memory mappings to overwrite kernel memory and gain kernel-level privileges.
This vulnerability is being actively exploited.
Some demonstration exploit code is listed at:
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
|
Impact:
A local user can obtain root privileges on the target system.
|
Solution:
CentOS has issued a fix.
x86_64:
afb7e2a7c3a38185b99f092b70ec274888a5beb136a7e5077559cbd29b3f55d7 kernel-3.10.0-327.36.3.el7.x86_64.rpm
1b33324ee4de14c03dde2eefb91bdee83082dd4ced6c0b94f5ab3253690bce38 kernel-abi-whitelists-3.10.0-327.36.3.el7.noarch.rpm
000ccd89b45a28645202add878b5e37d9a482df68fd5cf12914611098724eea7 kernel-debug-3.10.0-327.36.3.el7.x86_64.rpm
430e59db8a03d01f25ff602e766b96b06157fb881db68ca0cb81f229ec2609d6 kernel-debug-devel-3.10.0-327.36.3.el7.x86_64.rpm
5522697d3b016509dd3744e714d61e5d177921d2a045588730c1cd41713ba2c1 kernel-devel-3.10.0-327.36.3.el7.x86_64.rpm
b3fb9f23b5a2427d90e286350b1e7ded8ce6c3c2c5f7e191ee15bb8a70c981aa kernel-doc-3.10.0-327.36.3.el7.noarch.rpm
ad0006f10828ff8890c5599982c57a5ed75a9fdc9aab90e0c8cba6422eb766ea kernel-headers-3.10.0-327.36.3.el7.x86_64.rpm
3639553b0daacf8b577a5576d732eadae1aeef30cf61ca15dd755e439b5a8578 kernel-tools-3.10.0-327.36.3.el7.x86_64.rpm
b66a1c39f21081605dc3f19afc73236b5cb23a1de8d1bd1b14718165663de7ac kernel-tools-libs-3.10.0-327.36.3.el7.x86_64.rpm
97f1708f020dc0c19c9abead5cabdf813aa56ffdf6f8956811669019d74980d8 kernel-tools-libs-devel-3.10.0-327.36.3.el7.x86_64.rpm
6101abe377f9c3f96f9a0b32840ccde2d60835af96ffbb1c787841e0a98bb755 perf-3.10.0-327.36.3.el7.x86_64.rpm
cd55f641ed83faeb33d35a7915c78f85f58a237612ffebdfd5f41e652472ce7b python-perf-3.10.0-327.36.3.el7.x86_64.rpm
Source:
fc7d9058db4d12308f80993c446175e0fd45e413ffafa7b9b2b0c38a432a4a3c kernel-3.10.0-327.36.3.el7.src.rpm
|
Cause:
Access control error, State error
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Subject: [CentOS-announce] CESA-2016:2098 Important CentOS 7 kernel Security Update
|
CentOS Errata and Security Advisory 2016:2098 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2098.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
afb7e2a7c3a38185b99f092b70ec274888a5beb136a7e5077559cbd29b3f55d7 kernel-3.10.0-327.36.3.el7.x86_64.rpm
1b33324ee4de14c03dde2eefb91bdee83082dd4ced6c0b94f5ab3253690bce38 kernel-abi-whitelists-3.10.0-327.36.3.el7.noarch.rpm
000ccd89b45a28645202add878b5e37d9a482df68fd5cf12914611098724eea7 kernel-debug-3.10.0-327.36.3.el7.x86_64.rpm
430e59db8a03d01f25ff602e766b96b06157fb881db68ca0cb81f229ec2609d6 kernel-debug-devel-3.10.0-327.36.3.el7.x86_64.rpm
5522697d3b016509dd3744e714d61e5d177921d2a045588730c1cd41713ba2c1 kernel-devel-3.10.0-327.36.3.el7.x86_64.rpm
b3fb9f23b5a2427d90e286350b1e7ded8ce6c3c2c5f7e191ee15bb8a70c981aa kernel-doc-3.10.0-327.36.3.el7.noarch.rpm
ad0006f10828ff8890c5599982c57a5ed75a9fdc9aab90e0c8cba6422eb766ea kernel-headers-3.10.0-327.36.3.el7.x86_64.rpm
3639553b0daacf8b577a5576d732eadae1aeef30cf61ca15dd755e439b5a8578 kernel-tools-3.10.0-327.36.3.el7.x86_64.rpm
b66a1c39f21081605dc3f19afc73236b5cb23a1de8d1bd1b14718165663de7ac kernel-tools-libs-3.10.0-327.36.3.el7.x86_64.rpm
97f1708f020dc0c19c9abead5cabdf813aa56ffdf6f8956811669019d74980d8 kernel-tools-libs-devel-3.10.0-327.36.3.el7.x86_64.rpm
6101abe377f9c3f96f9a0b32840ccde2d60835af96ffbb1c787841e0a98bb755 perf-3.10.0-327.36.3.el7.x86_64.rpm
cd55f641ed83faeb33d35a7915c78f85f58a237612ffebdfd5f41e652472ce7b python-perf-3.10.0-327.36.3.el7.x86_64.rpm
Source:
fc7d9058db4d12308f80993c446175e0fd45e413ffafa7b9b2b0c38a432a4a3c kernel-3.10.0-327.36.3.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
|
|