What is CVE-2016-5195?

CVE-2016-5195 is a High severity Linux kernel vulnerability with a CVSS score of 7.0 out of 10, classified as a Race Condition flaw (CWE-362). CVE-2016-5195 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild.

What is the CVSS score for CVE-2016-5195?

CVE-2016-5195 has a CVSS score of 7.0 out of 10, rated High severity. The vector string is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Is there a patch available for CVE-2016-5195?

No patch is currently available for CVE-2016-5195. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2016-5195 actively exploited?

Yes — CVE-2016-5195 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild with a CVSS score of 7.0 (High severity).

What is Race Condition (CWE-362)?

The product contains a code sequence that can run concurrently with other code, creating unexpected states. See MITRE CWE for full details: https://cwe.mitre.org/data/definitions/362.html

CVE-2016-5195

High KEV — Actively Exploited

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Package Linux Kernel

Published 2016-11-10

Last modified 2026-04-21

CVSS version 3.1

Patch available

Awaiting data

CVSS 3.1 score

7.0

out of 10

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Vector string

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness type

CWE-362

CVE-2016-5195 is a Race Condition vulnerability

What is Race Condition?

The product contains a code sequence that can run concurrently with other code, creating unexpected states. Learn more on MITRE CWE

References

The following references provide additional information about CVE-2016-5195 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Fortiguard
http://fortiguard.com/advisory/FG-IR-16-063

Third Party Advisory
Kb
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770

Third Party Advisory
Kb
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774

Third Party Advisory
Kb
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807

Third Party Advisory
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00056.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00057.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00058.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00063.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00064.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00065.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00066.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00067.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00072.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00033.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00100.html

Mailing List
Lists
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html

Third Party Advisory
Packet Storm
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html

Exploit Third Party Advisory VDB Entry
Packet Storm
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html

Exploit Third Party Advisory VDB Entry
Packet Storm
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html

Exploit Third Party Advisory VDB Entry
Packet Storm
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

Exploit Third Party Advisory VDB Entry
Packet Storm
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html

Exploit Third Party Advisory VDB Entry
Packet Storm
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html

Third Party Advisory VDB Entry
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2098.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2105.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2106.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2107.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2110.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2118.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2120.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2124.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2126.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2127.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2128.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2132.html

Third Party Advisory
Red Hat
http://rhn.redhat.com/errata/RHSA-2016-2133.html

Third Party Advisory
Tools
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-linux

Third Party Advisory
Debian Security
http://www.debian.org/security/2016/dsa-3696

Third Party Advisory
Huawei
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en

Third Party Advisory
Kernel.org
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3

Release Notes
Openwall
http://www.openwall.com/lists/oss-security/2016/10/21/1

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2016/10/26/7

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2016/10/27/13

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2016/10/30/1

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2016/11/03/7

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/03/07/1

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/08/1

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/08/2

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/08/7

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/08/8

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/09/4

Mailing List Third Party Advisory
Openwall
http://www.openwall.com/lists/oss-security/2022/08/15/1

Mailing List Third Party Advisory
Securityfocus
http://www.securityfocus.com/archive/1/539611/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/540252/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/540344/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/540736/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/archive/1/539611/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/archive/1/540252/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/archive/1/540344/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/archive/1/archive/1/540736/100/0/threaded

Broken Link Third Party Advisory VDB Entry
Securityfocus
http://www.securityfocus.com/bid/93793

Broken Link Third Party Advisory VDB Entry
Securitytracker
http://www.securitytracker.com/id/1037078

Broken Link Third Party Advisory VDB Entry
Ubuntu Security
http://www.ubuntu.com/usn/USN-3104-1

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3104-2

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3105-1

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3105-2

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3106-1

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3106-2

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3106-3

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3106-4

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3107-1

Third Party Advisory
Ubuntu Security
http://www.ubuntu.com/usn/USN-3107-2

Third Party Advisory
Red Hat
https://access.redhat.com/errata/RHSA-2017:0372

Broken Link Third Party Advisory
Red Hat
https://access.redhat.com/security/cve/cve-2016-5195

Third Party Advisory
Red Hat
https://access.redhat.com/security/vulnerabilities/2706661

Third Party Advisory
Bto
https://bto.bluecoat.com/security-advisory/sa134

Permissions Required Third Party Advisory
Red Hat
https://bugzilla.redhat.com/show_bug.cgi?id=1384344

Exploit Issue Tracking
SUSE
https://bugzilla.suse.com/show_bug.cgi?id=1004418

Issue Tracking
Dirtycow
https://dirtycow.ninja

Third Party Advisory
GitHub
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

Third Party Advisory
GitHub
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

Exploit Third Party Advisory
H20566
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241

Third Party Advisory
H20566
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us

Third Party Advisory
H20566
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us

Third Party Advisory
H20566
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us

Third Party Advisory
H20566
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us

Third Party Advisory
H20566
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463

Third Party Advisory
H20566
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

Third Party Advisory
H20566
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241

Third Party Advisory
Help
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

Broken Link Third Party Advisory
Kc
https://kc.mcafee.com/corporate/index?page=content&id=SB10176

Broken Link Third Party Advisory
Kc
https://kc.mcafee.com/corporate/index?page=content&id=SB10177

Broken Link Third Party Advisory
Kc
https://kc.mcafee.com/corporate/index?page=content&id=SB10222

Broken Link Third Party Advisory
Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E7M62SRP6CZLJ4ZXCRZKV4WPLQBSR7DT/

Release Notes
Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NWMDLBWMGZKFHMRJ7QUQVCERP5QHDB6W/

Release Notes
Lists
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3APRVDVPDBXLH4DC5UKZVCR742MJIM3/

Release Notes
People
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

Third Party Advisory
Debian Security
https://security-tracker.debian.org/tracker/CVE-2016-5195

Issue Tracking Third Party Advisory
Security
https://security.netapp.com/advisory/ntap-20161025-0001/

Third Party Advisory
Security
https://security.paloaltonetworks.com/CVE-2016-5195

Third Party Advisory
Source
https://source.android.com/security/bulletin/2016-11-01.html

Third Party Advisory
Source
https://source.android.com/security/bulletin/2016-12-01.html

Third Party Advisory
Tools
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-vcsd

Third Party Advisory
Arista
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026

Third Party Advisory
Exploit-DB
https://www.exploit-db.com/exploits/40611/

Exploit Third Party Advisory VDB Entry
Exploit-DB
https://www.exploit-db.com/exploits/40616/

Exploit Third Party Advisory VDB Entry
Exploit-DB
https://www.exploit-db.com/exploits/40839/

Exploit Third Party Advisory VDB Entry
Exploit-DB
https://www.exploit-db.com/exploits/40847/

Third Party Advisory VDB Entry
Kb
https://www.kb.cert.org/vuls/id/243144

Third Party Advisory US Government Resource
Seclists
http://seclists.org/fulldisclosure/2024/Aug/35

Mailing List Third Party Advisory
CISA
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-5195

US Government Resource
Kernel patch commit
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
Patch
Kernel patch commit
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Patch
Kernel patch commit
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
Patch

Details

CVE ID CVE-2016-5195

Severity High

CVSS score 7.0 / 10

CVSS version 3.1

Published 2016-11-10

Modified 2026-04-21

KEV Yes

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2016-5195?

CVE-2016-5195 is a High severity Linux kernel vulnerability with a CVSS score of 7.0 out of 10 , classified as a Race Condition flaw (CWE-362) . CVE-2016-5195 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild.
What is the CVSS score for CVE-2016-5195?

CVE-2016-5195 has a CVSS score of 7.0 out of 10, rated High severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.
Is there a patch available for CVE-2016-5195?

No patch is currently available for CVE-2016-5195. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2016-5195 actively exploited?

Yes — CVE-2016-5195 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. It carries a CVSS score of 7.0 (High severity).
What is Race Condition (CWE-362)?

The product contains a code sequence that can run concurrently with other code, creating unexpected states. View CWE-362 on MITRE CWE →