Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Dirty Pipe Vulnerability in Linux Kernel
Alerts

Dirty Pipe Vulnerability in Linux Kernel

8 March 2022

Security researchers have discovered a vulnerability (CVE-2022-0847) named "Dirty Pipe" in the Linux Kernel. A proof-of-concept (PoC) exploiting the vulnerability has also been published.

Successful exploitation could allow an attacker with local access to overwrite data in arbitrary read-only files, which will lead the attacker into gaining root privileges. 

The vulnerability affects Linux Kernel version 5.8 and later. The flaw has been fixed in versions 5.16.11, 5.15.25, and 5.10.102.

Administrators and users of affected versions are advised to install the latest security updates immediately when available.

More information is available here:

https://dirtypipe.cm4all.com/

https://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/

Back to top