Kernel Local Privilege Escalation (Dirty COW) vulnerability in Filr (CVE-2016-5195)

  • 7018287
  • 17-Nov-2016
  • 12-Dec-2017

Environment

Micro Focus Filr 3.0
Novell Filr 2.0

Situation

A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings.

An unprivileged local user could use this flaw to gain write access to otherwise read-only files and thus increase their privileges on the system.

Resolution

A fix for this issue was released on December 13, 2016 as Filr 3.0 Security Update 1 for Filr 3.0 and Filr 2.0 Security Update 3 for Filr 2.0, both available via the Novell Patch Finder. However, because the patch was not released via the Filr 3 Online Update channel, you may have missed applying it to your Filr 3.0 deployment. The same fix is now available via the Filr 3 Online Update channel as Filr 3.0 Security Update 2.

  • If your Filr deployment is not patched with Filr 3.0 Security Update 1, Filr 3.0 Security Update 2 appears in the Online Update > Needed patches list.
  • If your Filr deployment is already patched with Filr 3.0 Security Update 1, no action is needed and Filr 3.0 Security Update 2 appears in the Online Update > Installed patches list.

With the update installed, the kernel version is 3.0.101-84.1. If you are running Filr 1.2 or older, upgrade to Filr 3.0 Security Update 2.
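One way to check an appliance against the fixed kernel version above, as an added example that is not part of the original TID or any Micro Focus tooling. The helper names `ver_ge` and `kernel_status` are hypothetical, and the package name `kernel-default` is an assumption about the appliance's kernel flavor.

```shell
#!/bin/sh
# Fixed kernel version stated in this TID.
FIXED_KERNEL="3.0.101-84.1"

# ver_ge A B: succeed (0) when version A >= version B, fail (1) when A < B.
# Fields are split on '.' and '-' and compared numerically, so 101 > 99
# and 84.10 > 84.9; a missing field in A counts as 0.
ver_ge() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for want in $b; do
        have=${1:-0}
        [ $# -gt 0 ] && shift
        # Non-numeric field (e.g. a flavor suffix): return 2, refuse to guess.
        case "$have$want" in *[!0-9]*) return 2 ;; esac
        [ "$have" -gt "$want" ] && return 0
        [ "$have" -lt "$want" ] && return 1
    done
    return 0
}

# kernel_status VERSION: print "patched", "vulnerable" or "unknown".
kernel_status() {
    rc=0
    ver_ge "$1" "$FIXED_KERNEL" || rc=$?
    case $rc in
        0) echo patched ;;
        1) echo vulnerable ;;
        *) echo unknown ;;
    esac
}

# On the appliance: report every installed kernel package version.
# Assumption: the kernel package is named kernel-default. An installed
# package only takes effect once the appliance has booted into it.
if command -v rpm >/dev/null 2>&1 &&
   pkgs=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-default 2>/dev/null); then
    for v in $pkgs; do
        echo "kernel-default $v: $(kernel_status "$v")"
    done
fi
```

A string that carries a non-numeric suffix in a compared field is reported as "unknown" rather than guessed at; compare the package version instead.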

Additional Information

CVE-2016-5195

Further information can be found here.