Do it! Like it! Frenf it!

Evaluate World Peace

profile_pic

Posto Predis to Lega Nerd, Longform, Posto Predis

The Dirty Pipe Vulnerability - Abstract This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. https://dirtypipe.cm4all....