Checking a RHEL system for the Dirty COW vulnerability

Tags linux how-to


Find out if the currently running kernel is vulnerable to Dirty COW (CVE-2016-5195).


Red Hat Enterprise Linux systems running stock kernels from Red Hat.


  1. Download the test script: wget
  2. Run that test script: bash
  3. If the test script says the running kernel is vulnerable, then update the kernel, typically with yum update, and reboot to the updated kernel.
    • Use uname -r to get the running kernel version and yum info kernel to see if a newer version is installed but not running.
    • If the kernel was previously updated but the system was not rebooted to activate it, reboot to activate it.

Additional notes

This script only works if the system is running a standard kernel. For example, if you have installed kernel-ml or kernel-lt from ELRepo, the script will report a false negative for vulnerable kernels.

Information Assurance (IA) article on CVE-2016-5195.


Article ID: 1836
Wed 5/27/20 11:25 AM
Mon 2/1/21 7:24 AM