DirtyPipe

This vulnerability exploits the mishandling of pipes, which allows any user to overwrite data into a file that the user does not have permission. This can be used to modify files like passwd to include a new user with root privileges or modify binaries to include SUIDs. Both forms can lead to Privilege Escalation.

This vulnerability affects kernels above 5.8 but have been patched in the following versions,

5.16.11

5.15.25

5.10.102

The exploit code can be found from the following link and the user can choose between modifying files or using SUID to PE,

https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits

PreviousDirty Cow NextInsecure File Permissions

Last updated 4 months ago