Dirty Pipe Vulnerability in Linux Kernel

Published on 08 Mar 2022

Updated on 08 Mar 2022

Security researchers have discovered a vulnerability (CVE-2022-0847) named "Dirty Pipe" in the Linux Kernel. A proof-of-concept (PoC) exploiting the vulnerability has also been published.

Successful exploitation could allow an attacker with local access to overwrite data in arbitrary read-only files, which will lead the attacker into gaining root privileges. 

The vulnerability affects Linux Kernel version 5.8 and later. The flaw has been fixed in versions 5.16.11, 5.15.25, and 5.10.102.

Administrators and users of affected versions are advised to install the latest security updates immediately when available.

More information is available here:
https://dirtypipe.cm4all.com/
https://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/