Dirty Pipe (CVE-2022-0847)

Tags:linuxvulnerability Related to:cve,privilage-escalation,kernel,containers,android

See also:

Summary

Priv esc vuln Affects linux kernal > 5.8 Patched in 5.16.11, 5.15.25, 5.10.102

Content

Located in messaging pipeline or pipe (what is it ? ) - Interprocess communication

process open pipe and write data to it. Kernel store in a buffer and wait for different process to read from there

vuln lets buffer to write arbitrary data to pipe. Can be used to write or modify read only files.

Can lead to priv esc

References (optional )

Dirty pipe | By Max Kellerman Hackersploit - Dirty pipe News - using exploit to root android News - dirty pipe impacts containers

Vuln checker Exploit