Executive Summary

Summary
TitleVMware product updates address local privilege escalation vulnerability in Linux kernel
Informations
NameVMSA-2016-0018First vendor Publication2016-11-09
VendorVMwareLast vendor Modification2016-11-22
Severity (Vendor) N/ARevision3

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score7.2Attack RangeLocal
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Local privilege escalation vulnerability in Linux kernel

The Linux kernel which ships with the base operating system of VMware Appliances contains a race condition in the way its memory subsystem handles copy-on-write (aka "Dirty COW†). Successful exploitation of the vulnerability may allow for local privilege escalation. The product lines listed in this advisory have been confirmed to be affected.

VMware product lines that are not affected are documented in VMware Knowledge Base article 2147515.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-5195 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2016-0018.html

CWE : Common Weakness Enumeration

%idName
100 %CWE-362Race Condition

CPE : Common Platform Enumeration

TypeDescriptionCount
Os1
Os2
Os2
Os2164
Os3
Os3
Os3
Os2
Os1

SAINT Exploits

DescriptionLink
Linux Dirty COW Local File OverwriteMore info here

Snort® IPS/IDS

DateDescription
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40566 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40565 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40564 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40563 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40562 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40561 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40560 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40543 - Revision : 1 - Type : OS-LINUX
2016-11-30Linux kernel madvise race condition attempt
RuleID : 40542 - Revision : 1 - Type : OS-LINUX

Nessus® Vulnerability Scanner

DateDescription
2017-05-02Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2016-1051.nasl - Type : ACT_GATHER_INFO
2017-04-03Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2017-02-22Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL10558632.nasl - Type : ACT_GATHER_INFO
2016-11-17Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0158.nasl - Type : ACT_GATHER_INFO
2016-11-15Name : The remote Fedora host is missing a security update.
File : fedora_2016-c8a0c7eece.nasl - Type : ACT_GATHER_INFO
2016-11-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2132.nasl - Type : ACT_GATHER_INFO
2016-11-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2133.nasl - Type : ACT_GATHER_INFO
2016-11-01Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2126.nasl - Type : ACT_GATHER_INFO
2016-11-01Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2127.nasl - Type : ACT_GATHER_INFO
2016-11-01Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2128.nasl - Type : ACT_GATHER_INFO
2016-10-31Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-31Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-31Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2124.nasl - Type : ACT_GATHER_INFO
2016-10-31Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161028_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2016-10-28Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2120.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1227.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2106.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2107.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2110.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2118.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2655-1.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2657-1.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2658-1.nasl - Type : ACT_GATHER_INFO
2016-10-27Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2659-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2105.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161025_Important__kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2585-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2592-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2593-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2596-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2614-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2632-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2633-1.nasl - Type : ACT_GATHER_INFO
2016-10-26Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-2636-1.nasl - Type : ACT_GATHER_INFO
2016-10-25Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1211.nasl - Type : ACT_GATHER_INFO
2016-10-25Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-25Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20161024_kernel_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2016-10-25Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3107-2.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Fedora host is missing a security update.
File : fedora_2016-c3558808cd.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Fedora host is missing a security update.
File : fedora_2016-db4b75b352.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-1212.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3632.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3633.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-3634.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0149.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0150.nasl - Type : ACT_GATHER_INFO
2016-10-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-2098.nasl - Type : ACT_GATHER_INFO
2016-10-21Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-757.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Debian host is missing a security update.
File : debian_DLA-670.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3696.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3104-1.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3105-1.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3105-2.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3106-1.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3106-2.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3106-3.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3106-4.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3107-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2016-11-22 21:21:18
  • Multiple Updates
2016-11-18 00:23:39
  • Multiple Updates
2016-11-16 09:23:24
  • First insertion