Linux kernel vulnerability: Dirty pipe gives root rights

On 8 March 2022, a vulnerability classified as critical was found in the Linux kernel, affecting version 5.8 up to versions 5.10.102, 5.15.25 or 5.16.11. Neither stepping stone Ltd nor its customers are affected by this vulnerability.

The vulnerability (CVE-2022-0847), classified as critical by «Common Vulnerabilities and Exposures» (CVE), is present in Linux kernel version 5.8 and higher and affects all systems, including Android smartphones. The bug, called "Dirty Pipe", has since been fixed in Linux kernel versions 5.10.102, 5.15.25 and 5.16.11. stepping stone Ltd and its customers are not affected by this vulnerability.

This flaw in the kernel allows attackers to modify files in a Linux system to which they should not have access. An attacker could thus obtain root rights and then permanently infect a system.
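To check a host against the version ranges given above, the following added example (not part of the original advisory) classifies a kernel release string. The function name `dirty_pipe_status` is hypothetical, and treating 5.17 and later as fixed is an assumption the advisory does not state. It compares upstream version numbers only, so a distribution kernel with a backported fix can still be reported as affected.

```shell
#!/bin/sh
# Added example: classify a kernel release against the CVE-2022-0847 version
# ranges stated in the advisory. Compares upstream version numbers only.

dirty_pipe_status() {
    rel=${1:-$(uname -r)}            # default: the running kernel
    ver=${rel%%[!0-9.]*}             # "5.15.24-generic" -> "5.15.24"
    if [ -z "$ver" ]; then
        echo unknown                 # no leading version number to compare
        return 0
    fi
    old_ifs=$IFS
    IFS=.
    set -- $ver                      # split into major, minor, patch
    IFS=$old_ifs
    major=${1:-0} minor=${2:-0} patch=${3:-0}

    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 8 ]; }; then
        echo not-affected            # older than 5.8, where the bug first appears
    elif [ "$major" -gt 5 ] || [ "$minor" -ge 17 ]; then
        echo fixed                   # assumption: not stated in the advisory
    else
        case $minor in
            10) fixed_in=102 ;;      # fixed in 5.10.102
            15) fixed_in=25 ;;       # fixed in 5.15.25
            16) fixed_in=11 ;;       # fixed in 5.16.11
            *)  fixed_in= ;;         # advisory names no fixed release here
        esac
        if [ -n "$fixed_in" ] && [ "$patch" -ge "$fixed_in" ]; then
            echo fixed
        else
            echo affected
        fi
    fi
}
```

Called without an argument, the function checks the running kernel; where the result is `affected` on a distribution kernel, confirm it against the vendor's advisory for CVE-2022-0847.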

The error was discovered by software developer Max Kellermann following repeated support tickets about broken archive files. During the analysis he identified the cause as an error in the handling of so-called pipes in the Linux kernel. A news article on heise online explains the background and context clearly. Max Kellermann has also published a detailed article on the «Dirty Pipe Vulnerability».