Vulnerability Details

Huawei Data Communication: Dirty COW Vulnerability in Huawei Products (huawei-sa-20161207-01-dirtycow)

Published: 2020-06-05 08:17:40
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Detection Type:
Remote Banner

Solution Type:
Vendor Patch

Summary:
In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel.

Technical Details:
In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel. A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could exploit this vulnerability to gain write access to otherwise read-only memory mappings and thus obtain the highest privileges on the system. (Vulnerability ID: HWPSIRT-2016-10050)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-5195.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.

Impact:
An attacker can exploit this vulnerability to escalate the privilege levels to obtain administrator privilege.

Affected Versions:
5288 V3 versions V100R003C00 9032 versions V100R001C00 V100R001C00SPC101 V100R001C00SPC200 AC6605 versions V200R006C00 Agile Controller-Campus versions V100R002C00 V100R002C10 V100R002C10SPC400 V100R002C10SPC403 Austin versions V100R001C10B290 V100R001C10B680 V100R001C20B110 V100R001C30 V100R001C50 BH620 V2 versions V100R002C00 BH621 V2 versions V100R002C00 BH622 V2 versions V100R002C00 BH640 V2 versions V100R002C00 Balong GU versions V800R200C50B200 V800R200C55B200 Balong GUL versions V700R110C30 V700R110C31 V700R200C00 V700R220C30 V700R500C30 V700R500C31 CAM-L21 versions Versions earlier than C576B130 CH121 V3 versions V100R001C00 CH140 V3 versions V100R001C00 CH220 V3 versions V100R001C00 CH222 V3 versions V100R001C00 CH225 V3 versions V100R001C00 CH226 V3 versions V100R001C00 Carrier-eLog versions V200R003C10 Chicago versions V100R001C10 CloudOpera CSM versions SysTool(OSUpgrade)V200R016C10SPC100 SysTool(OSUpgrade)V200R016C10SPC100B021 V200R016C10SPC600 Dallas versions V100R001C10 E5573Cs-609 versions Versions earlier than TCPU-V200R001B328D01SP00C00 E5573s-320 versions TCPU-V200R001B180D11SP00C00 E5673s-609 versions Versions earlier than TCPU-V200R001B328D01SP00C00 E5771s-856 versions Versions earlier than TCPU-V200R001B329D07SP00C00 E5878s-32 versions TCPU-V200R001B280D01SP05C00 E6000 Chassis versions V100R001C00 Enterprise Service Solution EIDC versions V100R001C60 FusionCompute versions V100R003C10SPC600 V100R005C00 V100R005C10 V100R005C10U1_B1075917 FusionCube versions V100R002C60RC1 FusionManager versions V100R003C00 V100R003C10 V100R005C00 V100R005C00SPC100 V100R005C00SPC200 V100R005C00SPC300 V100R005C10 V100R005C10SPC300 V100R005C10SPC500 V100R005C10SPC700 V100R005C10SPC703 V100R005C10SPC720T V100R005C10U1_B1075133 V100R005C10U2 FusionStorage Block versions V100R003C00 V100R003C02 V100R003C30 FusionStorage Object versions V100R002C00 V100R002C01 HiDPTAndroid versions V200R001C00 V300R001C00 HiSTBAndroid versions V600R003C00SPC010 Huawei solutions for SAP HANA versions V100R001C00 IPC6122-D versions V100R001C10 IPC6611-Z30-I versions V100R001C00 KII-L21 versions C10B130CUSTC10D003 C185B130CUSTC185D002 C185B140CUSTC185D004 C636B310CUSTC636D001 OTA-C02B131CUSTC02D002 OTA-C185B140CUSTC185D004 OTA-C185B310CUSTC185D004 OTA-C636B140CUSTC636D004 OTA-C636B310CUSTC636D001 OTA-C636B320CUSTC636D001 Versions earlier than C02B140CUSTC02D001 Versions earlier than C10B150CUSTC10D003 Versions earlier than C185B321CUSTC185D001 Versions earlier than C464B140 Versions earlier than C629B140CUSTC629D001 Versions earlier than C636B160CUSTC636D001 Versions earlier than C636B160CUSTC636D001 Versions earlier than C636B160CUSTC636D001 Versions earlier than C636B330CUSTC636D002 Versions earlier than C900B130 Versions earlier than C96B140CUSTC96D004 L2800 versions V100R001C00SPC200 LogCenter versions V100R001C10 NEM-AL10 versions Versions earlier than C00B355 NMO-L22 versions Versions earlier than C569B150 OTA- versions KII-L21C636B150CUSTC636D005 OceanStor 18500 versions V100R001C10 OceanStor 18500 V3 versions V300R003C10 OceanStor 18800 V3 versions V300R003C00 OceanStor 5600 V3 versions V300R003C00 V300R003C10 OceanStor Backup Software versions V100R002C00 V100R002C00LHWS01_P385795 V100R002C00SPC200 V200R001C00 V200R001C00SPC200 OceanStor CSE versions V100R001C01SPC103 V100R001C01SPC106 V100R001C01SPC109 V100R001C01SPC112 V100R002C00LSFM01CP0001 V100R002C00LSFM01SPC101 V100R002C00LSFM01SPC102 V100R002C00LSFM01SPC106 OceanStor HDP3500E versions V100R002C00 V100R003C00 OceanStor HVS85T versions V100R001C00 V100R001C10 V100R001C30 OceanStor HVS88T versions V100R001C00 OceanStor N8500 versions V200R001C09 V200R001C91 V200R001C91SPC900 OceanStor Onebox versions V100R003C10 OceanStor ReplicationDirector versions V200R001C00 Onebox Solution versions V100R005C00 V1R5C00RC2 RH1288 V2 versions V100R002C00 RH1288 V3 versions V100R003C00 RH1288A V2 versions V100R002C00 RH2285 V2 versions V100R002C00 RH2285H V2 versions V100R002C00 RH2288 V2 versions V100R002C00 RH2288 V3 versions V100R003C00 RH2288A V2 versions V100R002C00 RH2288E V2 versions V100R002C00 RH2288H V2 versions V100R002C00 RH2288H V3 versions V100R003C00 RH2485 V2 versions V100R002C00 RH5885 V3 versions V100R003C01 V100R003C10 RH5885H V3 versions V100R003C00 V100R003C10 RH8100 V3 versions V100R003C00 V1300N versions V100R002C02 VCM versions V100R001C00 V100R001C10 V100R001C20 VIE-L29 versions Versions earlier than C185B384 Versions earlier than C605B370 X6000 versions V100R002C00 X6800 versions V100R003C00 eCloud CC versions V100R001C01LSHU01 eLog versions V200R003C10 V200R003C20 eOMC910 versions V100R003C00 eSight versions V300R003C20 V300R005C00SPC200 eSight Network versions V300R006C00 V300R007C00 eSpace 8950 versions V200R003C00 eSpace IPC versions V100R001C21 V200R001C01 V200R001C02 eSpace VCN3000 versions V100R001C01 V100R002C00 V100R002C10 V100R002C20 inCloud Eye versions V200R001C21 V200R001C30 inCloud Payment versions V200R001C30 inCloud Shield versions V200R001C30

Recommendations:
See the referenced vendor advisory for a solution.

Detection Method:
Checks if a vulnerable version is present on the target host.

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2016-5195

References:

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en

Severity
High
CVSS Score
7.2
Published
2020-06-05
Modified
2020-06-08
Category
Huawei

Free Vulnerability Scanning, Assessment and Management

Mageni's Platform is packed with all the features you need to scan, assess and manage vulnerabilities like this - it is free, open source, lightning fast, reliable and scalable.

Router
Servers
Laptop
Database
Group
Cloud

Frequently Asked Questions

No, you can scan concurrently as many assets as you want. Please note that you must be aware of the hardware requeriments of the platform to ensure a good performance.

No, you can add as many assest as you want. It doesn't matters if you have millions of assets, we won't charge you for that.

No. The software is completely free. We have no intention to charge you to use the software, in fact - it completely goes against our beliefs and business model.

A vulnerability is defined in the ISO 27002 standard as “A weakness of an asset or group of assets that can be exploited by one or more threats” (International Organization for Standardization, 2005)

We generate revenue by providing support and other services for customers that require a subscription so they get guaranteed support and enterprise services. To use Mageni's Platform is completely free, with no limits at all.

Yes. Mageni understands that there are professionals and businesses that need commercial support so Mageni provides an active support subscription with everything needed to run Mageni's Platform reliably and securely. More than software, it's access to security experts, knowledge resources, security updates, and support tools you can't get anywhere else. The subscription includes:

  • Ongoing delivery
    • Patches
    • Bug fixes
    • Updates
    • Upgrades
  • Technical support
    • 24/7 availability
    • Unlimited Incidents
    • Specialty-based routing
    • Multi-Channel
  • Commitments
    • Software certifications
    • Software assurance
    • SLA

No, we don't store the information of your vulnerabilities in our servers.

Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization. The term vulnerability management is often confused with vulnerability scanning. Despite the fact both are related, there is an important difference between the two. Vulnerability scanning consists of using a computer program to identify vulnerabilities in networks, computer infrastructure or applications. Vulnerability management is the process surrounding vulnerability scanning, also taking into account other aspects such as risk acceptance, remediation etc. Source: "Implementing a Vulnerability Management Process". SANS Institute.

I am ready to start scanning for vulnerabilities