Mitel Product Security Advisory 16-0019
CVE-2016-5195: Linux Kernel Privilege Escalation
Advisory ID: 16-0019
Publish Date: 2016-10-27
Revision: 1.3 (updated 2016-12-06)
Summary
Mitel has become aware of a Linux Kernel Privilege Escalation vulnerability associated with the Copy on Write function, which affects multiple Linux distributions and versions. This vulnerability, nicknamed “Dirty COW” has the following CVE ID assigned:
- CVE-2016-5195
Detailed Description
As per Red Hat
"A race condition as found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system"
Affected Products
Security Bulletins are currently available for the following products:
| Product Name | Product Versions | Security Bulletin | Last Updated |
| Mitel Standard Linux | MSL 10.1.52.0 and earlier MSL 10.3.41.0 and earlier MSL 10.4.17.0 and earlier MSL 10.5.14.0 and earlier | 16-0019-001 | 2016-12-02 |
| MiVoice MX-ONE | v6.0 – v6.2 | 16-0019-002 | 2016-12-02 |
| Clearspan | RHEL 5, CentOS 6 | 16-0019-003 | 2016-12-02 |
| MiVoice Office 400 Virtual Appliance | V4.0 – 4.1 | 16-0019-004 | 2016-12-02 |
| Open Interface Platform Virtual Appliance | 8.6.1.2 | 16-0019-005 | 2016-12-02 |
| MiVoice Office 250 | Release 6.2 (incl. SP1) | 16-0019-006 | 2016-12-02 |
| MiVoice Business for VMware Virtual Appliance | All | 16-0019-007 | 2016-12-02 |
| MiVoice Business for Stratus | All versions running Red Hat Linux 6.3 | 16-0019-007 | 2016-12-02 |
| MiVoice Business for Industry Standard Server | All | 16-0019-007 | 2016-12-02 |
| MiVoice Business for Multi-instance platform - Server Manager | All | 16-0019-007 | 2016-12-02 |
| MiVoice Border Gateway | 8.1, 9.0 - 9.4 | 16-0019-008 | 2016-12-02 |
| MiCollab Client | v7.0 PR1 - v7.2.2 | 16-0019-009 | 2016-12-06 |
| Oria | 4.0, 5.1-5.2 | 16-0019-010 | 2016-12-02 |
| NuPoint | NPM 7 SP2 (17.2.0.3) - NPM 8 (18.0.0.49) - (18.2.2.6 | 16-0019-011 | 2016-12-06 |
| MiCollab AWV | AWV 5.0 (5.0.5.7), AWV 6.x (6.0.0.61) - (6.2.2.8) | 16-0019-012 | 2016-12-06 |
| MiVoice 5000 Manager | v2.4, v3.1 - 3.3 | 16-0019-013 | 2016-12-06 |
This section will be updated as additional Security Bulletins are issued.
Products Not Affected
Products using the Windows Operating System are not affected.
Risk Assessment
Red Hat has assigned CVE-2016-5195 with a CVSS v2 Base Score of 6.9. This vulnerability requires local access to exploit, although general exploits for this vulnerability have been released which might allow for the exploitation of this vulnerability via unpatched web applications or other interfaces. At this time, Mitel has no knowledge of Mitel systems that have been compromised.
The risk associated with affected Mitel products will vary from product to product.
Mitigation / Recommended Action
This advisory will be updated to communicate remediation versions for affected products as identified.
The maintainers of various distributions are releasing kernel updates to address this vulnerability. Customers running Mitel Applications on their own operating systems are advised to contact the respective vendor to determine which updates should be applied.
Additional recommendations will be issued as Mitel continues its investigation.
External References
https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://dirtycow.ninja/
Related CVEs / CWEs / Advisories
CVE-2016-5195