Linux Kernel – CVE-2016-5195

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2016-006 CVE-2016-5195 11/04/2016 low v1

Vulnerability details

A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

Products

ProductSeverityDetail
Stormshield Network Security low The SNCM product used to manage SNS ships a vulnerable linux kernel.
Stormshield Endpoint Security

None

SES doesn't use Linux Kernel
Stormshield Data Security

None

SDS doesn't use Linux Kernel
Fast360

None

Fast does not use a vulnerable version of the Linux Kernel
Netasq low The SNCM product used to manage SNS ships a vulnerable linux kernel.

Revisions

Version Date Description
v1  01/25/2017 Initial release

 



Stormshield Network Security

CVSS Overall Score: 1.9      

Analysis

Impacted version

Stormshield Network Centralized Manager (SNCM) is an administration tool used to manage SNS UTM.

SNCM runs on a vulnerable kernel version allowing a non root-user to gain privileges and execute arbitrary code. Such access allows an attacker to cause denial of services on all managed appliances by SNCM.

Please note that SNS appliances are not impacted by CVE-2016-5195.

  • SNCM 1.0.0 to 1.6.7

Workaround solution

Solution

There is no workaround solution.

The 1.6.8 update fixes this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Local Low Single Complete Complete Complete
CVSS Base score: 6.8 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Functionnal exploits exists Official fix Confirmed
CVSS Temporal score: 5.6 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
High Low [0-25%]
CVSS Environmental score: 1.9 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:H/TD:L)


Netasq

CVSS Overall Score: 1.9      

Analysis

Impacted version

Stormshield Network Centralized Manager (SNCM) is an administration tool used to manage Netasq UTM.

SNCM runs on a vulnerable kernel version allowing a non root-user to gain privileges and execute arbitrary code. Such access allows an attacker to cause denial of services on all managed appliances by SNCM.

Please note that Netasq appliances are not impacted by CVE-2016-5195.

  • SNCM 1.0.0 to 1.6.7

Workaround solution

Solution

There is no workaround solution.

The 1.6.8 update fixes this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Local Low Single Complete Complete Complete
CVSS Base score: 6.8 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Functionnal exploits exists Official fix Confirmed
CVSS Temporal score: 5.6 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
High Low [0-25%]
CVSS Environmental score: 1.9 CVSS Vector: (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:H/TD:L)