What impact does applying the fix for the Dirty COW vulnerability have on CA Spectrum?

Document ID : KB000014076
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

This could be abused by an attacker to modify existing setuid files with instructions to elevate privileges. An exploit using this technique has been found in the wild. This flaw affects most modern Linux distributions.

Question:

What impact does applying the fix for the Dirty COW vulnerability CVE-2016-5195 have on a Linux system where CA Spectrum is currently installed?

Environment:
RedHat 5.xRedHat 6.xRedHat 7.x
Answer:

Spectrum is not certified to the Kernel level. As long as Spectrum is installed on a supported version of RedHat, there is no impact on Spectrum for applying the fix for the Dirty COW vulnerability CVE-2016-5195. 

Additional Information:

Reference the following two links for more information on the Dirty COW vulnerability CVE-2016-5195.

https://access.redhat.com/security/cve/cve-2016-5195

https://access.redhat.com/security/vulnerabilities/2706661