
Security Advisory - Dirty COW Vulnerability in Huawei Products

  • SA No: huawei-sa-20161207-01-dirtycow
  • Initial Release Date: Dec 07, 2016
  • Last Release Date: Jun 24, 2020

On the morning of October 21st, 2016, security researcher Phil Oester disclosed a local privilege escalation vulnerability in the Linux kernel.

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could exploit this vulnerability to gain write access to otherwise read-only memory mappings and thus obtain the highest privileges on the system. (Vulnerability ID: HWPSIRT-2016-10050)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-5195.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en

Product Name | Affected Version | Resolved Product and Version

5288 V3

5288 V3 V100R003C00

5288 V3 V100R003C00SPC702

V100R003C00

V100R003C00SPC702

9032

V100R001C00

V100R001C00SPC205

V100R001C00SPC101

V100R001C00SPC200

Agile Controller-Campus

V100R002C00

Upgrade to V100R002C10SPC405

V100R002C10

V100R002C10SPC405

V100R002C10SPC400

V100R002C10SPC403

AR3200
V200R007C00
 V200R008C20SPC700
V200R008C20
V200R006C16
V200R006C15
V200R006C10
V200R006C13
V200R006C12

Austin

V100R001C10B290

V100R001C10B750SPC007

V100R001C10B680

V100R001C20B110

V100R001C20B210SPC005

V100R001C30

V100R001C30B256

V100R001C50

V100R001C50B090

BH620 V2

V100R002C00

V100R002C00SPC206

BH621 V2

V100R002C00

V100R002C00SPC403

BH622 V2

V100R002C00

V100R002C00SPC403

BH640 V2

V100R002C00

V100R002C00SPC403

Balong GU

V800R200C50B200

Upgrade to V800R200C52B300SPC005

V800R200C55B200

V800R200C55B355SPC001

Balong GUL

V700R110C30

V700R110C30B323

V700R110C31

V700R200C00

V700R200C00B317

V700R220C30

V700R220C30B233

V700R500C30

V700R500C30B325

V700R500C31

V700R500C31B187

CH121 V3

V100R001C00

V100R001C00SPC205

CH140 V3

V100R001C00

V100R001C00SPC126

CH220 V3

V100R001C00

V100R001C00SPC203

CH222 V3

V100R001C00

V100R001C00SPC205

CH225 V3

V100R001C00

V100R001C00SPC103

CH226 V3

V100R001C00

V100R001C00SPC125

Carrier-eLog

V200R003C10

Upgrade to elog V2R5C00SPC200

Chicago

V100R001C10

V100R001C10B505

Dallas

V100R001C10

V100R001C10B290SPC005

E5573s-320

E5573s-320TCPU-V200R001B180D11SP00C00

E5573s E5573s-320TCPU-V200R001B323D05SP00C00

E5878s-32

E5878s-32TCPU-V200R001B280D01SP05C00

E5878s E5878s-32TCPU-V200R001B316D15SP00C00

E6000 Chassis  V100R001C00  V100R001C00SPC601

Enterprise Service Solution EIDC

V100R001C60

V100R001C60LHBM31

FusionCompute

V100R003C10SPC600

Upgrade to V100R006C10RC1

V100R005C00

V100R005C10

V100R005C10U1_B1075917

 

FusionCube

V100R002C02  

V100R002C60SPC100

V100R002C60RC1

FusionManager

V100R003C00

Upgrade to V100R006C00

V100R003C10

V100R005C00

V100R005C00SPC100

V100R005C00SPC200

V100R005C00SPC300

V100R005C10

V100R005C10SPC300

V100R005C10SPC500

V100R005C10SPC700

V100R005C10SPC703

V100R005C10SPC720T

V100R005C10U1_B1075133

V100R005C10U2

FusionStorage Block

V100R003C00

Upgrade to V100R003C30U2SPC001

V100R003C02

V100R003C30

V100R003C30U2SPC001

FusionStorage Object

V100R002C00

Upgrade to V1R2C01LHWS02U1SPC1

V100R002C01

HiDPTAndroid

V200R001C00

Upgrade to V200R001SPC122

V300R001C00

Upgrade to V300R001C01SPC050

HiSTBAndroid

HiSTBAndroidV600R003C00SPC010

HiSTBAndroidV600R003C00SPC020

Huawei solutions for SAP HANA

V100R001C00

Upgrade to V100R001C01SPC104

KII-L21

KII-L21C02B131CUSTC02D002

KII-L21C02B140CUSTC02D001

KII-L21C10B130CUSTC10D003

KII-L21C10B150CUSTC10D003

KII-L21C10B140CUSTC10D004

KII-L21C185B130CUSTC185D002

KII-21 KII-21C185B150CUSTC185D001

KII-L21C185B140CUSTC185D004

KII-L21C185B310CUSTC185D004

KII-L21C185B321CUSTC185D001

KII-L21C464B130

KII-L21C464B140

KII-L21C629B130CUSTC629D004

KII-L21C629B140CUSTC629D001

KII-L21C636B130CUSTC636D002

KII-L21C636B160CUSTC636D001

KII-L21C636B140CUSTC636D004

KII-L21C636B150CUSTC636D005

KII-L21C636B310CUSTC636D001

KII-L21C636B330CUSTC636D002

KII-L21C636B320CUSTC636D001

KII-L21C900B122

KII-L21C900B130

KII-L21C96B130

KII-L21C96B140CUSTC96D004

OTA-KII-L21C02B131CUSTC02D002

OTA-KII-L21C02B140CUSTC02D001

OTA-KII-L21C185B140CUSTC185D004

OTA-KII-L21C185B150CUSTC185D001

OTA-KII-L21C185B310CUSTC185D004

KII-L21C185B321CUSTC185D001

OTA-KII-L21C636B140CUSTC636D004

OTA-KII-L21C636B160CUSTC636D001

OTA-KII-L21C636B310CUSTC636D001

KII-L21C636B330CUSTC636D002

OTA-KII-L21C636B320CUSTC636D001

OTA-KII-L21C636B330CUSTC636D002

 L2800 V100R001C00SPC200  V100R001C00SPC301

LogCenter

V100R001C10

Upgrade to V100R001C20

OTA-

KII-L21C636B150CUSTC636D005

OTA-KII-L21 C636B160CUSTC636D001

OceanStor Backup Software

V100R002C00

Upgrade to OceanStor BCManager V200R001C00SPC201B016

V100R002C00LHWS01_P385795

V100R002C00SPC200

V200R001C00

OceanStor BCManager V200R001C00SPC201B016

V200R001C00SPC200

OceanStor CSE

V100R001C01SPC103

Upgrade to V100R002C00LSFM01SPC109

V100R001C01SPC106

V100R001C01SPC109

V100R001C01SPC112

V100R002C00LSFM01CP0001

V100R002C00LSFM01SPC109

V100R002C00LSFM01SPC101

V100R002C00LSFM01SPC102

V100R002C00LSFM01SPC106

OceanStor HDP3500E

V100R002C00

Upgrade to HDP3500E V100R003C00SPC505

V100R003C00

HDP3500E V100R003C00SPC505

OceanStor 18500/18800/18800F/HVS85T/HVS88T

V100R001C00

Upgrade to V100R001C30SPC201

V100R001C10

V100R001C30

V100R001C30SPC201

 OceanStor 9000 V100R001C01 V300R005C00SPC170
V100R001C30
V300R005C00
 OceanStor 9000E
V100R002C00 V300R005C00SPC170
V100R002C19
 OceanStor 9000S
V100R002C00 V300R006C00SPC200
V100R002C19

OceanStor N8500

V200R001C09

OceanStor BCManager V200R001C00SPC201

V200R001C91

V200R001C91SPC900

OceanStor Onebox

V100R003C10

OceanStor CSE V100R002C00LSFM01SPC109

OceanStor ReplicationDirector

V200R001C00

OceanStor BCManager V200R001C00SPC201B013

Onebox Solution

V100R005C00

OceanStor CSE V100R002C00LSFM01SPC109

V1R5C00RC2

RH1288 V2

V100R002C00

V100R002C00SPC611

RH1288 V3

V100R003C00

V100R003C00SPC622

RH1288A V2

V100R002C00

V100R002C00SPC716

RH2285 V2

V100R002C00

V100R002C00SPC505

RH2285H V2

V100R002C00

V100R002C00SPC606

RH2288 V2

V100R002C00

V100R002C00SPC606

RH2288 V3

V100R003C00

V100R003C00SPC622

RH2288A V2

V100R002C00

V100R002C00SPC716

RH2288E V2

V100R002C00

V100R002C00SPC300

RH2288H V2

V100R002C00

V100R002C00SPC710

RH2288H V3

V100R003C00

V100R003C00SPC530

RH2485 V2

V100R002C00

V100R002C00SPC700

RH5885 V3

V100R003C01

V100R003C01SPC119

V100R003C10

V100R003C10SPC109

RH5885H V3

V100R003C00

V100R003C00SPC206

V100R003C10

V100R003C10SPC105

RH8100 V3

V100R003C00

V100R003C00SPC213

X6000

V100R002C00

Upgrade to

XH621 V2 V100R001C00SPC300     XH310 V2 V100R001C00SPC301    XH311 V2 V100R001C00SPC301    XH320 V2 V100R001C00SPC300  XH321 V2 V100R002C00SPC503  XH310 V3 V100R003C00SPC600

X6800

V100R003C00

XH620 V3 V100R003C00SPC615

eCloud CC

V100R001C01LSHU01

V100R001C01LPAT14

V100R001C30

Upgrade to V100R002C02

V100R001C31

eLog

V200R003C10

Upgrade to elog V2R5C00SPC200

V200R003C20

eOMC910

V100R003C00

eOMC910_TD V100R003C00SPC200

eSight

V300R003C20

V300R003C20CP0062

V300R005C00SPC200

eSight Network

V300R006C00

V300R006C00SPC501

V300R007C00

V300R007C00SPC100

eSpace 8950

V200R003C00

V200R003C00SPCf00

inCloud Eye

V200R001C21

Upgrade to V200R001C30U1

V200R001C30

Digital inCloud platform V200R001C30

inCloud Payment

V200R001C30

Digital inCloud platform V200R001C30

inCloud Shield

V200R001C30

Digital inCloud platform V200R001C30



An attacker can exploit this vulnerability to escalate privileges and obtain administrator privileges.

The vulnerability classification has been performed by using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document).

Base Score: 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Temporal Score: 7.2 (E:F/RL:O/RC:C)

1. This vulnerability can be exploited only when the following conditions are present:

Local low-level user access to the device

2. Vulnerability details:

Please refer to this link:

https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/psirt/report-vulnerabilities.

This vulnerability was discovered by Phil Oester.

2020-06-24 V1.5 UPDATED Updated the "Software Versions and Fixes" section
2017-05-31 V1.4 UPDATED Updated the "Software Versions and Fixes" section
2017-02-22 V1.3 UPDATED Updated the "Software Versions and Fixes" section
2017-01-18 V1.2 UPDATED Updated the "Software Versions and Fixes" section
2016-12-21 V1.1 UPDATED Updated the "Software Versions and Fixes" section
2016-12-07 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure, and deals with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.

To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.