[Unaffected] Security Notice for Dirty COW. CVE-2016-5195

Re: Dirty COW vulnerability as specified in Common Vulnerability and Exposures CVE-2016 5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”

**Peplink has verified and confirmed that none of our products allow local accounts in any form, we are unaffected by this vulnerability. **

No customer action is required.

Thank you for your attention.

The Peplink Team
Issued on: November 17th, 2016

1 Like

Thank you for clarifying this within 24 hours of another member requesting this information.
A security venerability page would be nice. Possible only accessed by customers via IC2, serial number, partner pavilion etc
Thank You

1 Like

Eric, thank you again for doing this.

GNO-2014, if Peplink ever decides that *certain *security information is too sensitive to publish even on a consolidated security vulnerabilities page or forum, I think your idea is a good one. Lock down such sensitive info on a secured site accessible only by confirmed Peplink product owners or partners.

A pleasant weekend to all!


Roberto Broccoli

1 Like