Security Advisory - Dirty COW Vulnerability in Huawei Products
- SA No:huawei-sa-20161207-01-dirtycow
- Initial Release Date: 2016-12-07
- Last Release Date: 2021-12-22
In the morning of October 21th, 2016, a security researcher Phil Oester disclosed a local privilege escalation vulnerability in Linux kernel.
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could exploit this vulnerability to gain write access to otherwise read-only memory mappings and thus obtain the highest privileges on the system. (Vulnerability ID: HWPSIRT-2016-10050)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-5195.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en
|
产品名称 |
版本号 |
修复版本号 |
|
5288 V3 |
V100R003C00 |
V100R003C00SPC702 |
|
9032 |
V100R001C00 |
V100R001C00SPC205 |
|
V100R001C00SPC101 |
||
|
V100R001C00SPC200 |
||
|
AC6605 |
V200R006C00 |
v2r7c10 |
|
Agile Controller-Campus |
V100R002C00 |
V100R002C10SPC405 |
|
V100R002C10 |
||
|
V100R002C10SPC400 |
||
|
V100R002C10SPC403 |
||
|
Austin |
V100R001C10B290 |
V100R001C10B750SPC007 |
|
V100R001C10B680 |
||
|
V100R001C20B110 |
V100R001C20B210SPC005 |
|
|
V100R001C30 |
V100R001C30B256 |
|
|
V100R001C50 |
V100R001C50B090 |
|
|
BH620 V2 |
V100R002C00 |
V100R001C00SPC206 |
|
BH621 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
BH622 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
BH640 V2 |
V100R002C00 |
V100R002C00SPC403 |
|
Balong GU |
V800R200C50B200 |
V800R200C52B300SPC005 |
|
V800R200C55B200 |
V800R200C55B355SPC001 |
|
|
Balong GUL |
V700R110C30 |
V700R110C30B323 |
|
V700R110C31 |
||
|
V700R200C00 |
V700R200C00B317 |
|
|
V700R220C30 |
V700R220C30B233 |
|
|
V700R500C30 |
V700R500C30B325 |
|
|
V700R500C31 |
V700R500C31B187 |
|
|
CH121 V3 |
V100R001C00 |
V100R001C00SPC205 |
|
CH140 V3 |
V100R001C00 |
V100R001C00SPC126 |
|
CH220 V3 |
V100R001C00 |
V100R001C00SPC203 |
|
CH222 V3 |
V100R001C00 |
V100R001C00SPC205 |
|
CH225 V3 |
V100R001C00 |
V100R001C00SPC103 |
|
CH226 V3 |
V100R001C00 |
V100R001C00SPC125 |
|
Carrier-eLog |
V200R003C10 |
elog V2R5C00SPC200 |
|
Chicago |
V100R001C10 |
V100R001C10B505 |
|
CloudOpera CSM |
SysTool(OSUpgrade)V200R016C10SPC100 |
CSM CSMV200R17C10SPC100 |
|
SysTool(OSUpgrade)V200R016C10SPC100B021 |
||
|
V200R016C10SPC600 |
||
|
Dallas |
V100R001C10 |
V100R001C10B290SPC005 |
|
E5573 |
E5573s-320TCPU-V200R001B180D11SP00C00 |
E5573s-320TCPU-V200R001B323D05SP00C00 |
|
E5878s-32 |
E5878s-32TCPU-V200R001B280D01SP05C00 |
E5878s E5878s-32TCPU-V200R001B316D15SP00C00 |
|
E6000 Chassis |
V100R001C00 |
V100R001C00SPC601 |
|
Enterprise Service Solution EIDC |
V100R001C60 |
V100R001C60LHBM31 |
|
FusionCompute |
V100R003C10SPC600 |
V100R006C10RC1 |
|
V100R005C00 |
||
|
V100R005C10 |
||
|
V100R005C10U1_B1075917 |
||
|
FusionCube |
V100R002C60RC1 |
V100R002C60SPC100 |
|
FusionManager |
FusionManager V100R005C00 |
FusionManager V100R006C00 |
|
FusionManager V100R005C10 |
||
|
V100R003C00 |
V100R006C00 |
|
|
V100R003C10 |
||
|
V100R005C00 |
||
|
V100R005C00SPC100 |
||
|
V100R005C00SPC200 |
||
|
V100R005C00SPC300 |
||
|
V100R005C10 |
||
|
V100R005C10SPC300 |
||
|
V100R005C10SPC500 |
||
|
V100R005C10SPC700 |
||
|
V100R005C10SPC703 |
||
|
V100R005C10SPC720T |
||
|
V100R005C10U1_B1075133 |
||
|
V100R005C10U2 |
||
|
FusionSphere OpenStack |
V100R005C00 |
V100R006C00SPC101 |
|
V100R005C10 |
||
|
V100R005C10SPC500 |
||
|
V100R005C10SPC700 |
||
|
V100R005C10U20 |
||
|
V100R005C10U30 |
||
|
V100R006C00 |
||
|
V100R006C00RC1 |
||
|
FusionStorage Block |
V100R003C00 |
V100R003C30U2SPC001 |
|
V100R003C02 |
||
|
V100R003C30 |
||
|
FusionStorage Object |
V100R002C00 |
V1R2C01LHWS02U1SPC1 |
|
V100R002C01 |
||
|
HiDPTAndroid |
HiDPTAndroidV200R001C00 |
HiDPTAndroidV200R001SPC122 |
|
V300R001C00 |
HiDPTAndroidV300R001C01SPC050 |
|
|
HiSTBAndroid |
HiSTBAndroidV600R003C00SPC010 |
HiSTBAndroidV600R003C00SPC020 |
|
Huawei solutions for SAP HANA |
V100R001C00 |
V100R001C01SPC104 |
|
IPC6112-D |
V100R001C10 |
IPC Module V200R003C00SPC100 |
|
IPC6122-D |
V100R001C10 |
V100R001C10SPC306 |
|
IPC6611-Z30-I |
V100R001C00 |
V100R001C00SPC306 |
|
KII-L21 |
KII-L21C02B131CUSTC02D002 |
KII-L21C02B140CUSTC02D001 |
|
KII-L21C10B130CUSTC10D003 |
KII-L21C10B150CUSTC10D003 |
|
|
KII-L21C10B140CUSTC10D004 |
||
|
KII-L21C185B130CUSTC185D002 |
KII-21 KII-21C185B150CUSTC185D001 |
|
|
KII-L21C185B140CUSTC185D004 |
||
|
KII-L21C185B310CUSTC185D004 |
KII-L21C185B321CUSTC185D001 |
|
|
KII-L21C464B130 |
KII-L21C464B140 |
|
|
KII-L21C629B130CUSTC629D004 |
KII-L21C629B140CUSTC629D001 |
|
|
KII-L21C636B130CUSTC636D002 |
KII-L21C636B160CUSTC636D001 |
|
|
KII-L21C636B140CUSTC636D004 |
||
|
KII-L21C636B150CUSTC636D005 |
||
|
KII-L21C636B310CUSTC636D001 |
KII-L21C636B330CUSTC636D002 |
|
|
KII-L21C636B320CUSTC636D001 |
||
|
KII-L21C900B122 |
KII-L21C900B130 |
|
|
KII-L21C96B130 |
KII-L21C96B140CUSTC96D004 |
|
|
OTA-KII-L21C02B131CUSTC02D002 |
OTA-KII-L21C02B140CUSTC02D001 |
|
|
OTA-KII-L21C185B140CUSTC185D004 |
OTA-KII-L21C185B150CUSTC185D001 |
|
|
OTA-KII-L21C185B310CUSTC185D004 |
KII-L21C185B321CUSTC185D001 |
|
|
OTA-KII-L21C636B140CUSTC636D004 |
OTA-KII-L21C636B160CUSTC636D001 |
|
|
OTA-KII-L21C636B310CUSTC636D001 |
KII-L21C636B330CUSTC636D002 |
|
|
OTA-KII-L21C636B320CUSTC636D001 |
OTA-KII-L21C636B330CUSTC636D002 |
|
|
L2800 |
V100R001C00SPC200 |
V100R001C00SPC301 |
|
LogCenter |
V100R001C10 |
V1R1C20 |
|
OTA- |
KII-L21C636B150CUSTC636D005 |
OTA-KII-L21 OTA-KII-L21C636B160CUSTC636D001 |
|
OceanStor Backup Software |
V100R002C00 |
OceanStor BCManager V200R001C00SPC201B016 |
|
V100R002C00LHWS01_P385795 |
||
|
V100R002C00SPC200 |
||
|
V200R001C00 |
||
|
V200R001C00SPC200 |
||
|
OceanStor CSE |
V100R001C01SPC103 |
V100R002C00LSFM01SPC109 |
|
V100R001C01SPC106 |
||
|
V100R001C01SPC109 |
||
|
V100R001C01SPC112 |
||
|
V100R002C00LSFM01CP0001 |
||
|
V100R002C00LSFM01SPC101 |
||
|
V100R002C00LSFM01SPC102 |
||
|
V100R002C00LSFM01SPC106 |
||
|
OceanStor HDP3500E |
V100R002C00 |
HDP3500E V100R003C00SPC505 |
|
V100R003C00 |
||
|
OceanStor HVS85T |
V100R001C00 |
V100R001C30SPC201 |
|
V100R001C10 |
||
|
V100R001C30 |
||
|
OceanStor N8500 |
V200R001C09 |
OceanStor BCManager V200R001C00SPC201 |
|
V200R001C91 |
||
|
V200R001C91SPC900 |
||
|
OceanStor Onebox |
V100R003C10 |
OceanStor CSE V100R002C00LSFM01SPC109 |
|
OceanStor ReplicationDirector |
V200R001C00 |
OceanStor BCManager V200R001C00SPC201B013 |
|
Onebox Solution |
V100R005C00 |
OceanStor CSE V100R002C00LSFM01SPC109 |
|
V1R5C00RC2 |
||
|
RH1288 V2 |
V100R002C00 |
V100R002C00SPC611 |
|
RH1288 V3 |
V100R003C00 |
V100R003C00SPC622 |
|
RH1288A V2 |
V100R002C00 |
V100R002C00SPC716 |
|
RH2285 V2 |
V100R002C00 |
V100R002C00SPC505 |
|
RH2285H V2 |
V100R002C00 |
V100R002C00SPC606 |
|
RH2288 V2 |
V100R002C00 |
V100R002C00SPC606 |
|
RH2288 V3 |
V100R003C00 |
V100R003C00SPC622 |
|
RH2288A V2 |
V100R002C00 |
V100R002C00SPC716 |
|
RH2288E V2 |
V100R002C00 |
V100R002C00SPC300 |
|
RH2288H V2 |
V100R002C00 |
V100R002C00SPC710 |
|
RH2288H V3 |
V100R003C00 |
V100R003C00SPC530 |
|
RH2485 V2 |
V100R002C00 |
V100R002C00SPC700 |
|
RH5885 V3 |
V100R003C01 |
V100R003C01SPC119 |
|
V100R003C10 |
V100R003C10SPC109 |
|
|
RH5885H V3 |
V100R003C00 |
V100R003C00SPC206 |
|
V100R003C10 |
V100R003C10SPC105 |
|
|
RH8100 V3 |
V100R003C00 |
V100R003C00SPC213 |
|
SMU(02B) |
V300R002C10 |
SMU V500R002C20SPC961 |
|
V300R002C20 |
||
|
V300R003C00 |
||
|
V300R003C10 |
||
|
V300R003C91 |
||
|
V300R003C93 |
||
|
V500R001C00 |
||
|
V500R001C10 |
||
|
V500R001C20 |
||
|
SMU(02C) |
V500R001C20 |
SMU V500R003C00SPC031 |
|
V500R001C30 |
||
|
V500R001C50 |
||
|
V500R001C60 |
||
|
V500R002C00 |
||
|
V500R002C10 |
||
|
V500R002C20 |
||
|
V500R002C30 |
||
|
V500R002C50 |
||
|
SMU(02S) |
V500R001C50 |
SMU V500R003C00SPC031 |
|
V500R001C60 |
||
|
V500R002C00 |
||
|
V500R002C10 |
||
|
V500R002C20 |
||
|
V500R002C30 |
||
|
UPS2000 |
V100R001C00 |
V100R021C92SPC050 |
|
V100R001C10 |
||
|
V100R001C34 |
||
|
V100R002C02 |
||
|
V200R001C01 |
||
|
V200R001C31 |
||
|
UPS5000 |
V100R001C00 |
V100R003C01SPC408 |
|
V100R001C08 |
||
|
V100R001C10 |
||
|
V100R001C37 |
||
|
V100R001C39 |
||
|
V100R002C00 |
V100R003C01SPC410 |
|
|
V100R002C04 |
V100R003C01SPC408 |
|
|
V100R002C11 |
V100R003C01SPC410 |
|
|
V100R002C15 |
V100R003C01SPC408 |
|
|
V100R002C34 |
||
|
V100R002C41 |
V100R002C41SPC601 |
|
|
V100R003C00 |
V100R003C01SPC408 |
|
|
V100R003C01 |
||
|
V100R003C03 |
||
|
V300R001C90 |
||
|
V300R002C00 |
V100R002C41SPC601 |
|
|
V1300N |
V100R002C02 |
VCN3010 V100R002C50 |
|
VCM |
V100R001C00 |
VCM5010 V100R002C50 |
|
V100R001C10 |
||
|
V100R001C20 |
||
|
X6000 |
V100R002C00 |
XH621 V2 V100R001C00SPC300 XH310 V2 V100R001C00SPC301 XH311 V2 V100R001C00SPC301 XH320 V2 V100R001C00SPC300 XH321 V2 V100R002C00SPC503 XH310 V3 V100R003C00SPC600 |
|
X6800 |
V100R003C00 |
XH620 V3 V100R003C00SPC615 |
|
eA680-208 |
V100R001C00 |
V100R001C00SPC100 |
|
eCloud CC |
V100R001C01LSHU01 |
V100R001C01LPAT14 |
|
eLog |
V200R003C10 |
elog V2R5C00SPC200 |
|
V200R003C20 |
||
|
eOMC910 |
V100R003C00 |
eOMC910_TD V100R003C00SPC200 |
|
eSight |
V300R003C20 |
V300R003C20CP0062 |
|
V300R005C00SPC200 |
||
|
eSight Network |
V300R006C00 |
V300R006C00SPC501 |
|
V300R007C00 |
V300R007C00SPC100 |
|
|
eSpace 8950 |
V200R003C00 |
V200R003C00SPCf00 |
|
eSpace IPC |
V100R001C21 |
IPC6325-WD-VR V200R002C20SPC200 |
|
V200R001C01 |
||
|
V200R001C02 |
||
|
eSpace VCN3000 |
V100R001C01 |
VCN3010 V100R002C50 |
|
V100R002C00 |
||
|
V100R002C10 |
||
|
V100R002C20 |
||
|
iBattery |
iBattery_V276 |
iBattery_V297B014 included in UPS5000 V300R002C10SPC401 |
|
iBattery_V281 |
||
|
iBattery_V285 |
||
|
iBattery_V286 |
||
|
iBattery_V289 |
||
|
inCloud Eye |
V200R001C21 |
V2R1C30U1 |
|
ECC800 |
V100R001C10 |
ECC800 V100R002C00SPC200 |
|
V100R001C10SPC100 |
||
|
ECC500 |
V600R002C00 |
|
|
V600R002C00SPC200T |
||
|
V600R002C00SPC300 |
||
|
V600R002C00SPC300T |
An attacker can exploit this vulnerability to escalate the privilege levels to obtain administrator privilege.
The vulnerability classification has been performed by using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document).
Base Score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Temporal Score: 7.2 (E:F/RL:O/RC:C)
1.This vulnerability can be exploited only when the following conditions are present:
Local low level user access to the device
2.Vulnerability details:
Please refer to this link:
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.
This vulnerability was discovered by Phil Oester.
2021-12-22 V1.7 UPDATED Updated the "Software Versions and Fixes" section
2021-01-20 V1.6 UPDATED Updated the "Software Versions and Fixes" section
2020-06-24 V1.5 UPDATED Updated the "Software Versions and Fixes" section
2017-05-31 V1.4 UPDATED Updated the "Software Versions and Fixes" section
2017-02-22 V1.3 UPDATED Updated the "Software Versions and Fixes" section
2017-01-18 V1.2 UPDATED Updated the "Software Versions and Fixes" section
2016-12-21 V1.1 UPDATED Updated the "Software Versions and Fixes" section
2016-12-07 V1.0 INITIAL
None
Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.
To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.
