Mitel Product Security Advisory 16-0019

CVE-2016-5195: Linux Kernel Privilege Escalation

Advisory ID: 16-0019
Publish Date: 2016-10-27
Revision: 1.3 (updated 2016-12-06)

Summary

Mitel has become aware of a Linux Kernel Privilege Escalation vulnerability associated with the Copy on Write function, which affects multiple Linux distributions and versions. This vulnerability, nicknamed “Dirty COW” has the following CVE ID assigned:

  • CVE-2016-5195

Detailed Description

As per Red Hat

"A race condition as found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system"

Affected Products

Security Bulletins are currently available for the following products:

Product Name Product Versions Security Bulletin Last Updated 
Mitel Standard Linux MSL 10.1.52.0 and earlier
MSL 10.3.41.0 and earlier
MSL 10.4.17.0 and earlier
MSL 10.5.14.0 and earlier 
16-0019-0012016-12-02
MiVoice MX-ONE  v6.0 – v6.2 16-0019-002  2016-12-02 
Clearspan RHEL 5, CentOS 6  16-0019-003  2016-12-02
MiVoice Office 400 Virtual Appliance V4.0 – 4.1 16-0019-004 2016-12-02 
Open Interface Platform Virtual
Appliance 
8.6.1.2 16-0019-005 2016-12-02 
MiVoice Office 250  Release 6.2 (incl. SP1) 16-0019-006 2016-12-02 
MiVoice Business for VMware Virtual
Appliance 
All 16-0019-007 2016-12-02 
MiVoice Business for Stratus  All versions running Red Hat
Linux 6.3  
16-0019-007  2016-12-02
MiVoice Business for Industry
Standard Server 
All 16-0019-007 2016-12-02 
MiVoice Business for Multi-instance
platform - Server Manager 
All 16-0019-007 2016-12-02 
MiVoice Border Gateway 8.1, 9.0 - 9.416-0019-0082016-12-02 
MiCollab Client v7.0 PR1 - v7.2.2 16-0019-009 2016-12-06 
Oria 4.0, 5.1-5.2 16-0019-010 2016-12-02 
NuPoint NPM 7 SP2 (17.2.0.3) -
NPM 8 (18.0.0.49) - (18.2.2.6 
16-0019-011 2016-12-06 
MiCollab AWVAWV 5.0 (5.0.5.7),
AWV 6.x (6.0.0.61) - (6.2.2.8) 
16-0019-012  2016-12-06
MiVoice 5000 Manager v2.4, v3.1 - 3.3 16-0019-013 2016-12-06 

This section will be updated as additional Security Bulletins are issued.

Products Not Affected

Products using the Windows Operating System are not affected.

Risk Assessment

Red Hat has assigned CVE-2016-5195 with a CVSS v2 Base Score of 6.9. This vulnerability requires local access to exploit, although general exploits for this vulnerability have been released which might allow for the exploitation of this vulnerability via unpatched web applications or other interfaces. At this time, Mitel has no knowledge of Mitel systems that have been compromised.

The risk associated with affected Mitel products will vary from product to product.

Mitigation / Recommended Action

This advisory will be updated to communicate remediation versions for affected products as identified.

The maintainers of various distributions are releasing kernel updates to address this vulnerability. Customers running Mitel Applications on their own operating systems are advised to contact the respective vendor to determine which updates should be applied.

Additional recommendations will be issued as Mitel continues its investigation.

External References

https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://dirtycow.ninja/

Related CVEs / CWEs / Advisories

CVE-2016-5195

Stay One Step Ahead Get notifications of the latest security advisories sent right to your inbox every week!