Linux Kernel 5.8 and later are vulnerable to 'Dirty Pipe', a vulnerability which allows local users to get root access. Use Lansweeper to find vulnerable installations in your network: [ Ссылка ]

The vulnerability has been fixed in Linux kernels 5.16.11, 5.15.25, 5.10.102, and higher.

CVE-2022-0847 also known as Dirty Pipe allows local users to inject and overwrite data in read-only files, this can lead to privilege escalation because unprivileged processes can inject code into root processes. Max Kellermann, who disclosed the vulnerability, also mentions that the vulnerability is similar to CVE-2016-5195 "Dirty Cow" but is easier to exploit.

Several proofs of concept were disclosed today, including in the original disclosure, showing that the vulnerability is relatively easy to take advantage of.

To fix the vulnerability, new Linux kernel versions were released. To ensure that your Linux devices are safe, kernel versions 5.16.11, 5.15.25, 5.10.102 or higher need to be installed. Together with our Dirty Pipe vulnerability report, you can easily identify which Linux devices have which kernel version and whether they require.

Get the Linux Vulnerability Report here: [ Ссылка ]

Start your free trial today ► [ Ссылка ]

Lansweeper enables you to manages your entire IT network, saving an incredible amount of time by automating key tasks. It features best in class fully automatic asset scanning and network inventory software, to keep you on top of your IT-environment.

Recommended by sysadmins all over the world, download your Lansweeper free trial today and start managing your IT assets the right way.

Useful Links
Website ► [ Ссылка ]
Knowledgebase ► [ Ссылка ]
Forum ► [ Ссылка ]
Blog ► [ Ссылка ]

Let’s Connect
Facebook ► [ Ссылка ]
Twitter ► [ Ссылка ]
Linkedin ► [ Ссылка ]
Contact ► Sales@lansweeper.com

свернуть