The Dirty Pipe Vulnerability
by Max Kellermann
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.
Contents:
• Abstract
• Corruption pt. I
• Access Logging
• Corruption pt. II
• Corruption pt. III
• Man staring at code
• Man staring at kernel code
• Pipes and Buffers and Pages
• Uninitialized
• Corruption pt. IV
• Exploiting
• Timeline
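For triage, the version range stated in the abstract above can be turned into a check on an upstream kernel release string. This is an added example, not code from the article or its author; the function names and status strings are hypothetical, and treating branches newer than 5.16 as fixed is an assumption.

```python
import platform
import re

# Values from the abstract: present since 5.8, fixed in 5.16.11, 5.15.25, 5.10.102.
INTRODUCED = (5, 8)
FIXED = {(5, 10): 102, (5, 15): 25, (5, 16): 11}


def parse_release(release):
    """Parse an upstream-style release ("5.15.24", "5.16.11-rc1") into ints."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m[1]), int(m[2]), int(m[3] or 0)


def dirty_pipe_status(release):
    """Classify a release string against the CVE-2022-0847 version range."""
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    if branch < INTRODUCED:
        return "not_affected"   # older than 5.8
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "vulnerable"
    if branch > max(FIXED):
        return "fixed"          # assumption: later branches carry the fix
    # 5.8 to 5.14 branches without a fixed release named in the abstract
    return "vulnerable"


if __name__ == "__main__":
    rel = platform.release()
    print(rel, dirty_pipe_status(rel))
```

Distribution kernels often backport fixes without changing the upstream version number, and some report an ABI name rather than the real patch level in `uname -r`, so a "vulnerable" result on a vendor kernel means the vendor advisory still has to be checked.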
Positive Technologies Offensive Team: twitter.com/ptswarm. This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting...