Three vulnerabilities in McAfee Products have been discovered and resolved.
AFFECTED SOFTWARE
The vulnerability is remediated in these versions:
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10176, Security Bulletin: Fixes for privilege escalation via MAP_PRIVATE COW breakage (CVE-2016-5195) (https://kc.mcafee.com/corporate/index?page=content&id=SB10176)
AFFECTED SOFTWARE
- DLP Prevent 10.0.100
- DXL 3.0.0, 3.0.01
- MAR 1.1.0
- TIE Server 2.0.0
The vulnerability is remediated in these versions:
- DLP Prevent 10.0.101
- DXL 3.0.0 Build 334
- DXL 3.0.1 Build 182
- MAR 1.1.0 -245
- TIE Server 2.0.0.653
- CVE-2016-5195 (CVSS: 6.7; Severity: Medium) is a race condition found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10176, Security Bulletin: Fixes for privilege escalation via MAP_PRIVATE COW breakage (CVE-2016-5195) (https://kc.mcafee.com/corporate/index?page=content&id=SB10176)