漏洞信息(CVE-2016-5195)

一、漏洞 CVE-2016-5195 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在Linux内核2.x至4.x之间的mm/gup.c中，在4.8.3之前的版本中，竞争条件允许本地用户通过错误处理复制后写入(COW)功能来写入只读内存映射来获得权限，就像2016年10月在野外被攻击一样，被称为“Dirty COW”。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Linux kernel 竞争条件问题漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 2.x至4.8.3之前的4.x版本中的mm/gup.c文件存在竞争条件问题漏洞，该漏洞源于程序没有正确处理copy-on-write(COW)功能写入只读内存映射。本地攻击者可利用该漏洞获取权限。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

竞争条件问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2016-5195 的公开POC

#	POC 描述	源链接	神龙链接
1	Dirty Cow	https://github.com/KosukeShimofuji/CVE-2016-5195	POC详情
2	None	https://github.com/ASRTeam/CVE-2016-5195	POC详情
3	CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android	https://github.com/timwr/CVE-2016-5195	POC详情
4	CVE-2016-5195 exploit written in Crystal	https://github.com/xlucas/dirtycow.cr	POC详情
5	Ansible playbook to mitigate CVE-2016-5195 on CentOS	https://github.com/istenrot/centos-dirty-cow-ansible	POC详情
6	Mitigates CVE-2016-5195 aka DirtyCOW	https://github.com/pgporada/ansible-role-cve	POC详情
7	Dirty COW (CVE-2016-5195) vulnerability testing utility for Linux-based systems.	https://github.com/sideeffect42/DirtyCOWTester	POC详情
8	PoC for Dirty COW (CVE-2016-5195)	https://github.com/scumjr/dirtycow-vdso	POC详情
9	A CVE-2016-5195 exploit example.	https://github.com/gbonacini/CVE-2016-5195	POC详情
10	Universal Android root tool based on CVE-2016-5195. Watch this space.	https://github.com/DavidBuchanan314/cowroot	POC详情
11	Scan vuls kernel CVE-2016-5195 - DirtyCow	https://github.com/aishee/scan-dirtycow	POC详情
12	None	https://github.com/oleg-fiksel/ansible_CVE-2016-5195_check	POC详情
13	Recent Linux privilege escalation exploit	https://github.com/ldenevi/CVE-2016-5195	POC详情
14	这里保留着部分脏牛漏洞的利用代码	https://github.com/whu-enjoy/CVE-2016-5195	POC详情
15	Dirty Cow exploit - CVE-2016-5195	https://github.com/firefart/dirtycow	POC详情
16	Inspec profile for detecting CVE-2016-5195 aka Dirty COW	https://github.com/ndobson/inspec_CVE-2016-5195	POC详情
17	None	https://github.com/linhlt247/DirtyCOW_CVE-2016-5195	POC详情
18	None	https://github.com/sribaba/android-CVE-2016-5195	POC详情
19	Android APK Based On Public Information Using DirtyCOW CVE-2016-5195 Exploit	https://github.com/esc0rtd3w/org.cowpoop.moooooo	POC详情
20	CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow	https://github.com/hyln9/VIKIROOT	POC详情
21	CVE-2016-5195 dirtycow by timwr automated multi file patch tool	https://github.com/droidvoider/dirtycow-replacer	POC详情
22	os experiment 4 CVE-2016-5195	https://github.com/FloridSleeves/os-experiment-4	POC详情
23	Ready to use, weaponized dirtycow (CVE-2016-5195)	https://github.com/arbll/dirtycow	POC详情
24	Dirty COW (CVE-2016-5195) Testing	https://github.com/titanhp/Dirty-COW-CVE-2016-5195-Testing	POC详情
25	None	https://github.com/acidburnmi/CVE-2016-5195-master	POC详情
26	Example exploit for CVE-2016-5195	https://github.com/xpcmdshell/derpyc0w	POC详情
27	编译好的脏牛漏洞（CVE-2016-5195）EXP	https://github.com/Brucetg/DirtyCow-EXP	POC详情
28	Linux 本地提权漏洞	https://github.com/jas502n/CVE-2016-5195	POC详情
29	脏牛Linux本地提权漏洞复现(CVE-2016-5195)	https://github.com/imust6226/dirtcow	POC详情
30	Exploit the dirtycow vulnerability to login as root	https://github.com/zakariamaaraki/Dirty-COW-CVE-2016-5195-	POC详情
31	None	https://github.com/shanuka-ashen/Dirty-Cow-Explanation-CVE-2016-5195-	POC详情
32	This is a Dirty Cow (CVE-2016-5195) privilege escalation vulnerability exploit	https://github.com/dulanjaya23/Dirty-Cow-CVE-2016-5195-	POC详情
33	Dirtycow also is known as CVE-2016-5195	https://github.com/KaviDk/dirtyCow	POC详情
34	DirtyCOW Exploit for Android	https://github.com/DanielEbert/CVE-2016-5195	POC详情
35	my personal POC of CVE-2016-5195(dirtyCOW)	https://github.com/arttnba3/CVE-2016-5195	POC详情
36	None	https://github.com/KasunPriyashan/Y2S1-Project-Linux-Exploitaion-using-CVE-2016-5195-Vulnerability	POC详情
37	An exploit script of CVE-2016-5195	https://github.com/th3-5had0w/DirtyCOW-PoC	POC详情
38	PoC for Dirty COW (CVE-2016-5195)	https://github.com/vinspiert/scumjrs	POC详情
39	Dirty Cow CVE-2016-5195 Vulnerability	https://github.com/gurpreetsinghsaluja/dirtycow	POC详情
40	Ported golang version of dirtycow.c	https://github.com/TotallyNotAHaxxer/CVE-2016-5195	POC详情
41	PoC for Dirty COW (CVE-2016-5195)	https://github.com/passionchenjianyegmail8/scumjrs	POC详情
42	The Repository contains documents that explains the explotation of CVE-2016-5195	https://github.com/malinthag62/The-exploitation-of-Dirty-Cow-CVE-2016-5195	POC详情
43	PoC for Dirty COW (CVE-2016-5195)	https://github.com/1equeneRise/scumjr9	POC详情
44	Dirty Cow exploit - CVE-2016-5195	https://github.com/flux10n/dirtycow	POC详情
45	None	https://github.com/fei9747/CVE-2016-5195	POC详情
46	Below code takes advantage of a known vulnerability [Dirty COW (CVE-2016-5195)] 🔥	https://github.com/LinuxKernelContent/DirtyCow	POC详情
47	None	https://github.com/NguyenCongHaiNam/Research-CVE-2016-5195	POC详情
48	None	https://github.com/EDLLT/CVE-2016-5195-master	POC详情
49	More specific : Dirty COW (CVE-2016-5195)	https://github.com/sakilahamed/Linux-Kernel-Exploit-LAB	POC详情
50	DirtyCOW 笔记	https://github.com/ASUKA39/CVE-2016-5195	POC详情
51	None	https://github.com/B1ackCat/cve-2016-5195-DirtyCOW	POC详情
52	DirtyCow root privilege escalation (CVE-2016-5195)	https://github.com/talsim/root-dirtyc0w	POC详情
53	None	https://github.com/ZhiQiAnSecFork/DirtyCOW_CVE-2016-5195	POC详情
54	None	https://github.com/h1n4mx0/Research-CVE-2016-5195	POC详情

三、漏洞 CVE-2016-5195 的情报信息

https://bto.bluecoat.com/security-advisory/sa134 x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241 x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html x_refsource_CONFIRM
https://dirtycow.ninja x_refsource_MISC
https://source.android.com/security/bulletin/2016-12-01.html x_refsource_CONFIRM
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=1004418 x_refsource_CONFIRM
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html x_refsource_CONFIRM
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20161025-0001/ x_refsource_CONFIRM
https://security-tracker.debian.org/tracker/CVE-2016-5195 x_refsource_CONFIRM
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs x_refsource_MISC
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 x_refsource_CONFIRM
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes x_refsource_CONFIRM
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1384344 x_refsource_CONFIRM
https://access.redhat.com/security/vulnerabilities/2706661 x_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 x_refsource_CONFIRM
https://access.redhat.com/security/cve/cve-2016-5195 x_refsource_CONFIRM
https://source.android.com/security/bulletin/2016-11-01.html x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541 x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 x_refsource_CONFIRM
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us x_refsource_CONFIRM
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463 x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10176 x_refsource_CONFIRM
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html x_refsource_MISC
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en x_refsource_CONFIRM
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html x_refsource_MISC
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241 x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770 x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10177 x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774 x_refsource_CONFIRM
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html x_refsource_MISC
http://fortiguard.com/advisory/FG-IR-16-063 x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807 x_refsource_CONFIRM
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html x_refsource_MISC
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html x_refsource_MISC
https://kc.mcafee.com/corporate/index?page=content&id=SB10222 x_refsource_CONFIRM
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html x_refsource_MISC
https://security.paloaltonetworks.com/CVE-2016-5195 x_refsource_CONFIRM
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026 x_refsource_MISC
https://www.exploit-db.com/exploits/40616/ exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/40839/ exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/40847/ exploit x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/93793 vdb-entry x_refsource_BID
https://www.exploit-db.com/exploits/40611/ exploit x_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1037078 vdb-entry x_refsource_SECTRACK
http://www.debian.org/security/2016/dsa-3696 vendor-advisory x_refsource_DEBIAN
https://www.kb.cert.org/vuls/id/243144 third-party-advisory x_refsource_CERT-VN
http://www.ubuntu.com/usn/USN-3106-2 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3106-3 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3105-2 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3107-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3107-2 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3106-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3106-4 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3104-2 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3105-1 vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-3104-1 vendor-advisory x_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2016-2107.html vendor-advisory x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0372 vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2118.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2128.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2120.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2133.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2098.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2127.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2106.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2124.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2105.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2126.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2132.html vendor-advisory x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2016-2110.html vendor-advisory x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html vendor-advisory x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html vendor-advisory x_refsource_SUSE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/ vendor-advisory x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/ vendor-advisory x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/ vendor-advisory x_refsource_FEDORA
http://www.openwall.com/lists/oss-security/2016/10/27/13 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2016/10/30/1 mailing-list x_refsource_MLIST
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux vendor-advisory x_refsource_CISCO
http://www.securityfocus.com/archive/1/539611/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2022/03/07/1 mailing-list x_refsource_MLIST
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd vendor-advisory x_refsource_CISCO
http://www.openwall.com/lists/oss-security/2016/10/21/1 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2016/10/26/7 mailing-list x_refsource_MLIST
http://www.securityfocus.com/archive/1/540344/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2016/11/03/7 mailing-list x_refsource_MLIST
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2022/08/08/1 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2022/08/08/2 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2022/08/08/7 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2022/08/08/8 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2022/08/09/4 mailing-list x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2022/08/15/1 mailing-list x_refsource_MLIST
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/540252/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded mailing-list x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/540736/100/0/threaded mailing-list x_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2016-5195

一、 漏洞 CVE-2016-5195 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2016-5195 的公开POC

三、漏洞 CVE-2016-5195 的情报信息

一、漏洞 CVE-2016-5195 基础信息