Does the "Dirty COW" vulnerability (CVE-2016-5195) affect the API Management suite of products, including API Gateway?

Document ID : KB000015393
Last Modified Date : 14/02/2018
Show Technical Document Details

CVE-2016-5195 is also known as "Dirty COW", and is a privilege escalation vulnerability in the Linux kernel.

Some key details from the "Dirty COW" website:

"CVE-2016-5195 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names maintained by MITRE."

A note on what the "Dirty COW" vulnerability is (and why it's called that) from Red Hat:

"A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."



Is the CA API Gateway vulnerable to CVE-2016-5195 (aka "Dirty COW")?

An API Gateway running version 7.x - 8.x without staying current on the monthly platform patches.

The monthly platform patch issued in October 2016 included the fixed kernel from Red Hat which removes the vulnerability to "Dirty COW". The monthly platform patches are cumulative, so you just need to run the latest one for your platform to benefit from the fix for "Dirty COW", plus a multitude of other security-related fixes issued by Red Hat for the included third-party tools included in Red Hat Enterprise Linux.

Administrators should stay as current as possible on the monthly platform patches in order to keep the CA API Management products as secure as possible.

It is important to know that this is not a vulnerability in the CA product code, but a vulnerability in the underlying Linux kernel as part of the host operating system, which many CA API Management products run on top of.

Additional Information: