Privilege Escalation Vulnerability in Linux Kernel

A privilege escalation vulnerability known as "Dirty Pipe" has been identified in the Linux kernel and affects all Linux distributions.

Threat ID:: CC-4049
Threat Severity:: Information only
Published:: 8 March 2022 5:06 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

A privilege escalation vulnerability known as "Dirty Pipe" has been identified in the Linux kernel and affects all Linux distributions.

Affected platforms

The following platforms are known to be affected:

Versions: All Linux distributions from Linux kernel 5.8 up to (but not including) 5.16.11, 5.15.25 and 5.10.102

Linux

Threat details

Introduction

A vulnerability has been disclosed in the Linux kernel that allows for local privilege escalation. The vulnerability allows a locally authenticated attacker to inject custom content into sensitive files to remove permissions and execute commands as root.

Proof of concept code has been released that has the potential to be developed into an exploit.

Remediation advice

Affected organisations are encouraged to contact their relevant Linux IT suppliers and apply the relevant updates.

CVE Vulnerabilities

Status Published

CVE-2022-0847

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Last edited: 8 March 2022 5:06 pm