Important Information Regarding Linux Kernel Vulnerability (CVE-2016-5195, a.k.a. Dirty CoW)

Publish Time: 2016-11-02 00:00:00 UTC+8

Last Updated: 2016-11-02 12:00:00 UTC+8

Severity: Important

Status: Resolved

Description

A long-existing Linux kernel vulnerability was revealed last week. The vulnerability contains a race condition found in the way Linux kernel handles copy-on-write mechanism, which may be exploited by unprivileged local users to increase their privileges.

Severity

Important

Update Availability

Synology will release DSM 6.0 update to address this issue in the coming weeks.

References

https://access.redhat.com/security/vulnerabilities/2706661
https://access.redhat.com/security/cve/CVE-2016-5195
http://dirtycow.ninja/
https://git.kernel.org/linus/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619