====================================================================

                              CERT-Renater

                  Note d'Information No. 2016/VULN384
_____________________________________________________________________

DATE                : 10/11/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running VMware Identity Manager,
                        vRealize Automation, vRealize Operations.

=====================================================================
http://lists.vmware.com/pipermail/security-announce/2016/000350.html
____________________________________________________________________


- ------------------------------------------------------------------------
                            VMware Security Advisory

Advisory ID: VMSA-2016-0018
Severity:    Important
Synopsis:    VMware product updates address local privilege escalation
             vulnerability in Linux kernel
Issue date:  2016-11-09
Updated on:  2016-11-09 (Initial Advisory)
CVE number:  CVE-2016-5195

1. Summary

    VMware product updates address local privilege escalation
    vulnerability in Linux kernel.


2. Relevant Products

    VMware Identity Manager
    vRealize Automation
    vRealize Operations

3. Problem Description

    Local privilege escalation vulnerability in Linux kernel

    The Linux kernel which ships with the base operating system of VMware
    Appliances contains a race condition in the way its memory subsystem
    handles copy-on-write (aka “Dirty COW”). Successful exploitation of
    the vulnerability may allow for local privilege escalation. The
    product lines listed in this advisory have been confirmed to be
    affected.

    VMware product lines that are not affected are documented in VMware
    Knowledge Base article 2147515.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the identifier CVE-2016-5195 to this issue.

    Column 5 of the following table lists the action required to
    remediate the vulnerability in each release, if a solution is
    available.

    VMware      Product    Running             Replace with/  Mitigations/

    Product     Version    on       Severity   Apply patch    Workarounds
    ==========  =========  =======  =========  =============  ==========
    Identity    2.x        VA       Important  patch pending  None
    Manager

    vRealize    7.x        VA       Important  patch pending  None
    Automation
    vRealize    6.x        VA       Important  patch pending  None
    Automation

    vRealize    6.3.0      VA       Important  KB2147630      None
    Operations
    vRealize    6.2.1      VA       Important  KB2147668      None
    Operations
    vRealize    6.2.0a     VA       Important  KB2147667      None
    Operations
    vRealize    6.1.0      VA       Important  KB2147666      None
    Operations
    vRealize    6.0.3      VA       Important  KB2147664      None
    Operatio
    vRealize    6.x        Windows  N/A        not affected   N/A
    Operations
    vRealize    6.x        Linux    N/A        not affected   N/A
    Operations
    vRealize    5.x        VA       Important  patch pending  None
    Operations
    vRealize    5.x        Windows  N/A        not affected   N/A
    Operations
    vRealize    5.x        Linux    N/A        not affected   N/A
    Operations

4. Solution

    Please review the patch/release notes for your product and version
    and verify the checksum of your downloaded file.

    vRealize Operations
    Downloads and Documentation:
    https://kb.vmware.com/kb/2147630
    https://kb.vmware.com/kb/2147668
    https://kb.vmware.com/kb/2147667
    https://kb.vmware.com/kb/2147666
    https://kb.vmware.com/kb/2147664

5. References

    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
    https://kb.vmware.com/kb/2147515
    https://kb.vmware.com/kb/2147630
    https://kb.vmware.com/kb/2147668
    https://kb.vmware.com/kb/2147667
    https://kb.vmware.com/kb/2147666
    https://kb.vmware.com/kb/2147664

- ------------------------------------------------------------------------

6. Change log

    2016-11-09 VMSA-2016-0018 Initial security advisory in conjunction
    with the release of vROps patches on 2016-11-09.

- ------------------------------------------------------------------------

7. Contact

    E-mail list for product security notifications and announcements:
    http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

    This Security Advisory is posted to the following lists:

     security-announce at lists.vmware.com
     bugtraq at securityfocus.com
     fulldisclosure at seclists.org

    E-mail: security at vmware.com
    PGP key at: https://kb.vmware.com/kb/1055

    VMware Security Advisories
    http://www.vmware.com/security/advisories

    VMware Security Response Policy
    https://www.vmware.com/support/policies/security_response.html

    VMware Lifecycle Support Phases
    https://www.vmware.com/support/policies/lifecycle.html
    Twitter
    https://twitter.com/VMwareSRC

    Copyright 2016 VMware Inc.  All rights reserved.

==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================