CVE Database · CVE-2016-5195
CVSS v3.1
7.0
EPSS
83.91%
Published
Nov 10, 2016
Modified
Apr 21, 2026
CISA Known Exploited Vulnerability
Added: 2022-03-03 · Due: 2022-03-24
Apply updates per vendor instructions.
Public PoC / Exploit (14)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HWeaknesses (CWE)
Affected Products (41)
References (20)