CVE-2016-5195
Linux Kernel Race Condition Vulnerability
CVSS 7 · HIGH
⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog
Confirmed exploited in the wild. Added 2022-03-03.
Federal remediation due 2022-03-24.
Required action: Apply updates per vendor instructions.
Summary
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS 3.1 breakdown
| Metric | Value |
|---|---|
| Base score | 7 (HIGH) |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
- Canonical ubuntu linux
- Linux linux kernel
- Redhat enterprise linux
- Redhat enterprise linux aus
- Redhat enterprise linux eus
- Redhat enterprise linux long life
- Redhat enterprise linux tus
- Debian debian linux
- Fedoraproject fedora
- Paloaltonetworks pan-os
- Netapp cloud backup
- Netapp hci storage nodes
- Netapp oncommand balance
- Netapp oncommand performance manager
- Netapp oncommand unified manager for clustered data ontap
- Netapp ontap select deploy administration utility
- Netapp snapprotect
- Netapp solidfire
References
- http://fortiguard.com/advisory/FG-IR-16-063
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html
Data: NIST NVD + CISA KEV. NVD last modified 2026-04-21. Always verify against the vendor advisory before acting.