Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Dirty Pipe Vulnerability in Linux Kernel
Alerts

Dirty Pipe Vulnerability in Linux Kernel

8 March 2022

Security researchers have discovered a vulnerability (CVE-2022-0847) named "Dirty Pipe" in the Linux Kernel. A proof-of-concept (PoC) exploiting the vulnerability has also been published.

Successful exploitation could allow an attacker with local access to overwrite data in arbitrary read-only files, which will lead the attacker into gaining root privileges. 

The vulnerability affects Linux Kernel version 5.8 and later. The flaw has been fixed in versions 5.16.11, 5.15.25, and 5.10.102.

Administrators and users of affected versions are advised to install the latest security updates immediately when available.

More information is available here:

https://dirtypipe.cm4all.com/

https://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/

Back to top