Re: Dirty COW vulnerability as specified in Common Vulnerability and Exposures CVE-2016 5195
Description:
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”
**Peplink has verified and confirmed that none of our products allow local accounts in any form, we are unaffected by this vulnerability. **
No customer action is required.
Thank you for your attention.
The Peplink Team
Issued on: November 17th, 2016
1 Like
Evening
Thank you for clarifying this within 24 hours of another member requesting this information.
A security venerability page would be nice. Possible only accessed by customers via IC2, serial number, partner pavilion etc
Thank You
1 Like
Eric, thank you again for doing this.
GNO-2014, if Peplink ever decides that *certain *security information is too sensitive to publish even on a consolidated security vulnerabilities page or forum, I think your idea is a good one. Lock down such sensitive info on a secured site accessible only by confirmed Peplink product owners or partners.
A pleasant weekend to all!
Best,
Roberto Broccoli
1 Like