SecurityTracker.com
Category:   OS (Linux)  >   Linux Kernel
Vendors:   kernel.org
(CentOS Issues Fix) Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges
SecurityTracker Alert ID:  1037146
SecurityTracker URL:  http://securitytracker.com/id/1037146
CVE Reference:   CVE-2016-5195
Date:  Oct 28 2016
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5
Description:   A vulnerability was reported in the Linux kernel. A local user can obtain root privileges on the target system.

A local user can exploit a race condition in the kernel memory subsystem in the management of copy-on-write operations on read-only memory mappings to overwrite kernel memory and gain kernel-level privileges.

This vulnerability is being actively exploited.

Some demonstration exploit code is listed at:

https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

Impact:   A local user can obtain root privileges on the target system.
Solution:   CentOS has issued a fix.

Cause:   Access control error, State error

Message History:   This archive entry is a follow-up to the message listed below.
Oct 22 2016 Linux Kernel Copy-on-Write Memory Management Race Condition Lets Local Users Obtain Elevated Privileges



 Source Message Contents

Subject:  [CentOS-announce] CESA-2016:2124 Important CentOS 5 kernel Security Update


CentOS Errata and Security Advisory 2016:2124 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2124.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
704498f1ec6f196882bf2dc25bf1f65d813ff84107a8476d5386663532f5206a  kernel-2.6.18-416.el5.i686.rpm
0802fb601a7d1936e6607c747a0737c36791dcb2af156d6be30c81f2d0671465  kernel-debug-2.6.18-416.el5.i686.rpm
bc8956c899a7fce81f371e15e9d4293297b1abb64da75c214ba086d046c6a9bd  kernel-debug-devel-2.6.18-416.el5.i686.rpm
db180509a4fa22d8e0151bed34f12dc1aa040b497f3ec0ba465388510a7b6df7  kernel-devel-2.6.18-416.el5.i686.rpm
fcfabae71ac655ffaeaf5ab5f3a4c64d214684ef6f738ce2a5666c950ec9fdbd  kernel-doc-2.6.18-416.el5.noarch.rpm
8489c9c93257895eb1b69ecebb173249fcf501ed10518bc2547222ec1c75f482  kernel-headers-2.6.18-416.el5.i386.rpm
e7d00b03a37e0353c22343d3a996a33c893e220cccb1fb7f1981ba1d530b73ee  kernel-PAE-2.6.18-416.el5.i686.rpm
36fefcec929f64c33b09d7e3f2924ce3c8b7d7a86d1272e7de731ad584a9b310  kernel-PAE-devel-2.6.18-416.el5.i686.rpm
ad35ea63d8275960cafd5844f59babeb5199f2f7ba10df6e35f58f5cc63f3aa6  kernel-xen-2.6.18-416.el5.i686.rpm
da05a5b93d8c3f1518ee7eb52792f655febc9b724301610bf7463fd91d14a41a  kernel-xen-devel-2.6.18-416.el5.i686.rpm

x86_64:
cbedceb97046ac8274a6804c7da995dd8166c0d18f867e317e269091f197e68b  kernel-2.6.18-416.el5.x86_64.rpm
31be4d5ec91c50abef7421dbdd3acd098d1d338b35a6b487cf4888071867852d  kernel-debug-2.6.18-416.el5.x86_64.rpm
04a3c7d586ac2923ff1362cb1e72634cfe3aa54a5e84e175340043a51fa043ca  kernel-debug-devel-2.6.18-416.el5.x86_64.rpm
b0ce136908b8fb2575bdc11e882a705e494a0b1b423435f7f3d984556b7afd38  kernel-devel-2.6.18-416.el5.x86_64.rpm
fcfabae71ac655ffaeaf5ab5f3a4c64d214684ef6f738ce2a5666c950ec9fdbd  kernel-doc-2.6.18-416.el5.noarch.rpm
058216a53ff8b1bd75333ed1c700076f54365d209bfd4d54109299318edd1a49  kernel-headers-2.6.18-416.el5.x86_64.rpm
738534a54a6ca2d9b04e8116ec1147900eeff7b8a7b07f7fe6ca177ecaa51c66  kernel-xen-2.6.18-416.el5.x86_64.rpm
18a2ea3fe7513fd882ea8d9c84772bbfed55700e748a96fc0ebfacbab4da7380  kernel-xen-devel-2.6.18-416.el5.x86_64.rpm

Source:
724e9e10418be6bbb6a1408b12344edcab9f745373013f337be3180d3877c7f4  kernel-2.6.18-416.el5.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
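
A check against the fixed build named in the file list above (2.6.18-416.el5), as an added example that is not part of the SecurityTracker entry or the CentOS announcement. It assumes CentOS 5 `uname -r` strings of the form `2.6.18-<release>.el5[PAE|xen]`; the function names and the sample release strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a CentOS 5 host still runs a kernel older than
# the fixed build from CESA-2016:2124, including the "updated but not rebooted" case.
FIXED_BASE="2.6.18"   # kernel version in the advisory's file names
FIXED_REL=416         # fixed release number in the advisory's file names

# classify_release RELEASE -> prints fixed | vulnerable | unknown
# RELEASE is a uname -r or rpm VERSION-RELEASE string (assumed format, see lead-in).
classify_release() {
    rel=$1
    case $rel in
        "$FIXED_BASE"-*.el5*) ;;            # CentOS 5 kernel, keep going
        *) echo unknown; return 0 ;;        # other distro/branch: not covered here
    esac
    build=${rel#"$FIXED_BASE"-}             # e.g. 412.el5PAE or 371.12.1.el5
    build=${build%%.*}                      # leading release number only
    case $build in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$build" -ge "$FIXED_REL" ]; then echo fixed; else echo vulnerable; fi
}

# host_status RUNNING INSTALLED... -> fixed | reboot-required | vulnerable | unknown
# RUNNING is the booted kernel; INSTALLED are the kernel packages present on disk.
host_status() {
    running=$(classify_release "$1"); shift
    [ "$running" = vulnerable ] || { echo "$running"; return 0; }
    for pkg in "$@"; do
        if [ "$(classify_release "$pkg")" = fixed ]; then
            echo reboot-required            # fix is installed but not yet booted
            return 0
        fi
    done
    echo vulnerable
}

# On a real host the arguments would come from:
#   uname -r
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel kernel-PAE kernel-xen
# Constructed sample: update installed, old PAE kernel still running.
host_status 2.6.18-412.el5PAE 2.6.18-412.el5 2.6.18-416.el5
```

A host reported as `reboot-required` has the fixed package on disk but is still running the older kernel until it is rebooted into the new one.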
 
 

