"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered
2022-08-22 13:05

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "As nasty as Dirty Pipe."

"DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted.

The novel exploitation method, according to the researchers, pushes Dirty Pipe to the next level, making it more general as well as more potent, in a manner that could work on any version of the affected kernel.

"Second, while it is like the dirty pipe that could bypass all the kernel protections, our exploitation method could even demonstrate the ability to escape the container actively that Dirty Pipe is not capable of."

Dirty Pipe, tracked as CVE-2022-0847 and affecting Linux kernel versions starting from 5.8, refers to a security vulnerability in the pipe subsystem that allows underprivileged processes to write to arbitrary readable files, leading to privilege escalation.

The vulnerability was named after Dirty Cow, a vulnerability discovered in 2016, because of the similarities between the two.


News URL

https://thehackernews.com/2022/08/as-nasty-as-dirty-pipe-8-year-old-linux.html

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-0847 | Improper Initialization vulnerability in multiple products | 7.8 |

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.

Related vendor

| VENDOR | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS |
|---|---|---|---|---|---|---|
| Linux | 11 | 64 | 2532 | 1569 | 67 | 4232 |
| Kernel | 3 | 0 | 7 | 4 | 1 | 12 |