CVE-2016-5195

ENISA EUVD: EUVD-2016-6146 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 9 articles Published: 2016-11-10

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

93.93%

probability

This CVE has a 93.93% probability of being exploited in the next 30 days.

0% Top 99.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

HIGH

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2 (legacy)

7.2

HIGH

Access Vector

Local

Access Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description

VulnerabilityLookup (CNA)

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Affected Products

n/a

canonical

ubuntu linux

linux

linux kernel

redhat

enterprise linux

redhat

enterprise linux aus

redhat

enterprise linux eus

n/a

Attack Intelligence

CWE-362 · Race Condition CWE-691 · Insufficient Control Flow Management

Google Project Zero

Patched

Oct. 18, 2016

Reported by

Phil Oester

Root Cause Analysis

???

Exploits & PoC

timwr/CVE-2016-5195

CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android

1003 2021-02-03

firefart/dirtycow

Dirty Cow exploit - CVE-2016-5195

930 2025-07-30

scumjr/dirtycow-vdso

PoC for Dirty COW (CVE-2016-5195)

510 2022-03-16

gbonacini/CVE-2016-5195

A CVE-2016-5195 exploit example.

338 2017-03-21

r1is/CVE-2022-0847

CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞，可覆盖重写任意可读文件中的数据，从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原

280 2023-02-02

hyln9/VIKIROOT

CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow

271 2017-01-27

Brucetg/DirtyCow-EXP

编译好的脏牛漏洞（CVE-2016-5195）EXP

141 2018-05-27

DavidBuchanan314/cowroot

Universal Android root tool based on CVE-2016-5195. Watch this space.

32 2016-10-29

aishee/scan-dirtycow

Scan vuls kernel CVE-2016-5195 - DirtyCow

16 2016-10-29

xlucas/dirtycow.cr

CVE-2016-5195 exploit written in Crystal

13 2016-10-25

pgporada/ansible-role-cve

Mitigates CVE-2016-5195 aka DirtyCOW

10 2016-10-23

whu-enjoy/CVE-2016-5195

这里保留着部分脏牛漏洞的利用代码

10 2016-11-17

imust6226/dirtcow

脏牛Linux本地提权漏洞复现(CVE-2016-5195)

9 2019-10-30

sideeffect42/DirtyCOWTester

Dirty COW (CVE-2016-5195) vulnerability testing utility for Linux-based systems.

7 2016-12-18

jas502n/CVE-2016-5195

Linux 本地提权漏洞

7 2019-08-13

oleg-fiksel/ansible_CVE-2016-5195_check

6 2016-11-26

talsim/root-dirtyc0w

DirtyCow root privilege escalation (CVE-2016-5195)

5 2024-10-11

droidvoider/dirtycow-replacer

CVE-2016-5195 dirtycow by timwr automated multi file patch tool

4 2017-03-18

esc0rtd3w/org.cowpoop.moooooo

Android APK Based On Public Information Using DirtyCOW CVE-2016-5195 Exploit

3 2017-01-19

arttnba3/CVE-2016-5195

my personal POC of CVE-2016-5195(dirtyCOW)

3 2024-06-17

LinuxKernelContent/DirtyCow

Below code takes advantage of a known vulnerability [Dirty COW (CVE-2016-5195)] 🔥

3 2023-07-10

FloridSleeves/os-experiment-4

os experiment 4 CVE-2016-5195

2 2017-06-16

DanielEbert/CVE-2016-5195

DirtyCOW Exploit for Android

2 2021-02-22

LiEnby/PSSRoot

One-Click-Root program based on CVE-2016-5195, that works on the old 'PlayStation Certified' android devices

2 2025-06-27

ASRTeam/CVE-2016-5195

1 2016-10-21

arbll/dirtycow

Ready to use, weaponized dirtycow (CVE-2016-5195)

1 2017-10-11

titanhp/Dirty-COW-CVE-2016-5195-Testing

Dirty COW (CVE-2016-5195) Testing

1 2017-10-19

th3-5had0w/DirtyCOW-PoC

An exploit script of CVE-2016-5195

1 2022-02-17

TotallyNotAHaxxer/CVE-2016-5195

Ported golang version of dirtycow.c

1 2022-04-08

malinthag62/The-exploitation-of-Dirty-Cow-CVE-2016-5195

The Repository contains documents that explains the explotation of CVE-2016-5195

1 2022-05-18

0x3n19m4/CVE-2016-5195

CVE-2016-5195 linux kernel exploit

1 2025-05-02

KosukeShimofuji/CVE-2016-5195

Dirty Cow

0 2016-10-21

istenrot/centos-dirty-cow-ansible

Ansible playbook to mitigate CVE-2016-5195 on CentOS

0 2016-10-22

ldenevi/CVE-2016-5195

Recent Linux privilege escalation exploit

0 2016-11-06

ndobson/inspec_CVE-2016-5195

Inspec profile for detecting CVE-2016-5195 aka Dirty COW

0 2016-12-09

sribaba/android-CVE-2016-5195

0 2017-01-15

acidburnmi/CVE-2016-5195-master

0 2017-12-06

xpcmdshell/derpyc0w

Example exploit for CVE-2016-5195

0 2018-04-11

zakariamaaraki/Dirty-COW-CVE-2016-5195-

Exploit the dirtycow vulnerability to login as root

0 2021-01-04

shanuka-ashen/Dirty-Cow-Explanation-CVE-2016-5195-

0 2020-05-11

dulanjaya23/Dirty-Cow-CVE-2016-5195-

This is a Dirty Cow (CVE-2016-5195) privilege escalation vulnerability exploit

0 2020-05-12

KaviDk/dirtyCow

Dirtycow also is known as CVE-2016-5195

0 2022-05-31

KasunPriyashan/Y2S1-Project-Linux-Exploitaion-using-CVE-2016-5195-Vulnerability

0 2022-01-17

vinspiert/scumjrs

PoC for Dirty COW (CVE-2016-5195)

0 2022-03-19

passionchenjianyegmail8/scumjrs

PoC for Dirty COW (CVE-2016-5195)

0 2022-04-26

1equeneRise/scumjr9

PoC for Dirty COW (CVE-2016-5195)

0 2022-05-19

fei9747/CVE-2016-5195

0 2022-11-29

h1n4mx0/Research-CVE-2016-5195

0 2023-10-26

EDLLT/CVE-2016-5195-master

0 2023-11-29

ZhiQiAnSecFork/DirtyCOW_CVE-2016-5195

0 2023-12-15

sakilahamed/Linux-Kernel-Exploit-LAB

More specific : Dirty COW (CVE-2016-5195)

0 2024-03-30

ASUKA39/CVE-2016-5195

DirtyCOW 笔记

0 2024-04-05

Samuel-G3/Escalamiento-de-Privilegios-usando-el-Kernel-Exploit-Dirty-Cow

Exploit para escalada de privilegios en Linux basado en la vulnerabilidad Dirty Cow (CVE-2016-5195). Incluye binario, código fuente e instrucciones pa

0 2025-06-25

mohammadamin382/dirtycow-lab

Educational PoC for Dirty COW (CVE-2016-5195) with logging, ptrace fallback, and binary payload support.

0 2025-08-01

MarioAlejos-Cs/dirtycow-lab

Explotación vulnerabilidad Dirty COW (CVE-2016-5195) en Ubuntu 16.04.1.

0 2025-08-22

pardhu045/linux-privilege-escalation

Linux privilege escalation using Dirty COW exploit (CVE-2016-5195).

0 2025-09-13

ramahmdr/dirtycow

Dirty Cow exploit - CVE-2016-5195

0 2026-01-22

elhaddadalaa788-alt/kernel-exploit-dirtycow-project-subm

Dirty COW Privilege Escalation (CVE-2016-5195)

0 2026-02-01

theo543/OSDS_Paper_CVE-2016-5195

0 2026-02-06

maur0amaya/Escalamiento-de-Privilegios-usando-el-Kernel-Exploit-Dirty-Cow

Este proyecto tiene como objetivo demostrar de forma práctica el funcionamiento del exploit Dirty COW (CVE-2016-5195), una vulnerabilidad crítica del

0 2026-05-15

60 repos — triés par ⭐ Rechercher sur GitHub ↗

http://rhn.redhat.com/errata/RHSA-2016-2107.html

vendor-advisory x_refsource_REDHAT

https://www.exploit-db.com/exploits/40616/

exploit x_refsource_EXPLOIT-DB

https://access.redhat.com/errata/RHSA-2017:0372

vendor-advisory x_refsource_REDHAT

https://bto.bluecoat.com/security-advisory/sa134

x_refsource_CONFIRM

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241

x_refsource_CONFIRM

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

x_refsource_CONFIRM

Signal Intelligence

Confidenceⓘ

95%

EPSS 93.93%

CVSS v3.1 7

Mentions 9

Last Seen May 14, 2026

CNA Information

CNA Assigner

Chrome

Analyst Note

Dirty COW (CVE-2016-5195) is a well-documented race condition in the Linux kernel's copy-on-write mechanism that was actively exploited in the wild in October 2016 and reported by Google Project Zero. The vulnerability has extensive public documentation, proof-of-concept exploits, and confirmed real-world exploitation, making it unquestionably a confirmed vulnerability.