CVE-2016-5195 PoC — Linux kernel race condition vulnerability

Source
Associated Vulnerability
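Title: Linux kernel race condition vulnerability (CVE-2016-5195)
Description: The Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (US). A race condition vulnerability exists in the mm/gup.c file in Linux kernel 2.x through 4.x before 4.8.3. It stems from the program not correctly handling the copy-on-write (COW) feature when writing to read-only memory mappings. A local attacker can exploit this vulnerability to gain privileges.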
Description
Ansible playbook to mitigate CVE-2016-5195 on CentOS
Readme
# Ansible CVE-2016-5195 mitigation playbook
Ansible playbook to mitigate CVE-2016-5195 on CentOS/Scientific Linux with SystemTap.

Automating this mitigation recipe found on Red Hat Bugzilla:
[https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13](https://bugzilla.redhat.com/show_bug.cgi?id=1384344#c13)

This playbook installs kernel debuginfo packages and SystemTap. It then generates a SystemTap module and runs it in the background. If you reboot the server, you'll need to re-run this playbook to restore the mitigation.
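
Because the mitigation is lost on reboot, a host can be checked for it before anyone relies on it. The shell function below is an added example, not part of this playbook or its README: it reads `/proc/modules`-format text on stdin and succeeds only if a SystemTap module is in the `Live` state. It assumes the module keeps SystemTap's default `stap_` name prefix (pass another prefix otherwise), and the sample listings are constructed.

```shell
#!/bin/sh
# stap_module_live [PREFIX] < /proc/modules
# Exit 0 if a module whose name starts with PREFIX (default: stap_, an
# assumption about how the mitigation module was named) is in state "Live".
# /proc/modules columns: name size refcount deps state address [taint]
stap_module_live() {
    awk -v p="${1:-stap_}" '
        index($1, p) == 1 && $5 == "Live" { found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

# Constructed sample: module list right after the playbook has run.
sample_mitigated() {
    cat <<'EOF'
stap_6f1c2ab09d7e_2211 143360 2 - Live 0xffffffffa0450000 (OE)
xfs 939714 2 - Live 0xffffffffa0300000
libcrc32c 12644 1 xfs, Live 0xffffffffa02f0000
EOF
}

# Constructed sample: the same host after a reboot (module gone).
sample_rebooted() {
    cat <<'EOF'
xfs 939714 2 - Live 0xffffffffa0300000
libcrc32c 12644 1 xfs, Live 0xffffffffa02f0000
EOF
}

# Constructed sample: module is being removed, so its probes are not reliable.
sample_unloading() {
    cat <<'EOF'
stap_6f1c2ab09d7e_2211 143360 0 - Unloading 0xffffffffa0450000 (OE)
xfs 939714 2 - Live 0xffffffffa0300000
EOF
}

for s in sample_mitigated sample_rebooted sample_unloading; do
    if "$s" | stap_module_live; then
        echo "$s: SystemTap module live"
    else
        echo "$s: no live SystemTap module, re-run the playbook"
    fi
done
```

On a real host, run `stap_module_live < /proc/modules` from a boot-time or periodic job and alert on a non-zero exit. A live module only shows that the SystemTap script is loaded, not that the mitigation is effective.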

## Disclaimer

I'm not a kernel security expert, nor a SystemTap expert. I've not verified effectiveness of this vulnerability mitigation recipe. I give no guarantees of any kind. This playbook may break your server and cause data loss for you.

## Author

Ilari Stenroth

Twitter: @istenrot

File Snapshot

[4.0K] /data/pocs/de37ef5ac5c8fde5dbf1047c5f7d3b6a2668e5c3
├── [1.5K] deploy.yml
├── [4.0K] files
│   └── [ 292] CVE-2016-5195.stp
├── [1.0K] LICENSE
└── [ 825] README.md

1 directory, 4 files