Is anyone able to detect the Dirty Cow(cve-2016-5195) vulnerability on RHEL 5/6 using the current Red Hat QID (236124)?
It seems to detect just fine on RHEL 7, but we haven't seen it fire on RHEL 5/6.
The Advisory released by Red Hat for CVE-2016-5195 was made public through: CVE-2016-5195 - Red Hat Customer Portal with separate advisories and corresponding dates for the various versions listed here:
QID 236124 - Red Hat Update for kernel (RHSA-2016:2098) (Dirty Cow) is the first Red Hat QID that has been published in production for the RHEL 7 as listed on http://rhn.redhat.com/errata/RHSA-2016-2098.html
Separate QIDs are currently being worked on and will be released soon for RHEL5 and 6. Once they are in production, you will be able to search the Knowledgebase for CVE-2016-5195 for a full list of QIDs and the Operating System they tie to.
Thank you for your response. Is there an update when QIDs for RHEL 5/6 will be available?
I've created a dynamic search list for Dirty CoW - CVE-2016-5195 and have 27 QIDs as of today.
Also, have detections on RHEL 5,6,7 with a few test scans.
Retrieving data ...