A new, easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by unprivileged local users to gain root privileges on vulnerable systems, using exploits that are already public.
It was discovered by security researcher Max Kellermann. The flaw, which he named Dirty Pipe because of its similarity to the Dirty Cow flaw, has already been patched in the Linux and Android kernels. Affected Linux distributions are in the process of releasing security updates with the patch.
The vulnerability stems from a flaw in the way the Linux kernel handles pipe buffer records, and allows attackers to overwrite data in read-only files and SUID binaries to gain root access. The bug is easy to exploit, although not remotely: attackers need prior access to the vulnerable host to be able to launch the exploit.
To mitigate this vulnerability, Linux and Android device users should watch for security updates that carry the patch. The vulnerability affects Linux kernel 5.8 and later (possibly earlier versions as well) and has been fixed in Linux 5.16.11, 5.15.25 and 5.10.102, as well as in the latest Android kernel.
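A quick triage check that follows from the version information above, added here as an example and not taken from the article or from the researcher's material: it parses a `uname -r` style kernel release string and classifies it against the upstream fixed releases 5.10.102, 5.15.25 and 5.16.11, treating 5.8 as the first affected release as the text states. The assumption that mainline 5.17 and later ship the fix is mine, not the article's. Because distribution kernels routinely backport fixes without changing the version string, a result of "vulnerable" means "consult the vendor advisory", not "confirmed exploitable".

```python
import re
import platform
from typing import Optional, Tuple

# Upstream stable releases that carry the fix, as listed in the advisory text.
# Any patch level at or above the listed one within the same stable series is fixed.
FIXED_STABLE = {
    (5, 10): 102,
    (5, 15): 25,
    (5, 16): 11,
}

# The bug was introduced in 5.8 (the advisory says possibly earlier);
# releases below this are treated as not affected by this check.
FIRST_AFFECTED = (5, 8, 0)


def parse_kernel_version(release: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from a release string such as
    '5.15.0-25-generic' or '5.10.102'. Returns None if it does not parse."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def upstream_status(release: str) -> str:
    """Classify a kernel release against the upstream fix levels.

    Returns 'not_affected', 'fixed', 'vulnerable' or 'unknown'. This mirrors
    upstream version numbers only; distributions often backport the fix
    without bumping the version, so 'vulnerable' means 'check the vendor
    advisory', not 'confirmed exploitable'.
    """
    v = parse_kernel_version(release)
    if v is None:
        return "unknown"
    if v < FIRST_AFFECTED:
        return "not_affected"
    major, minor, patch = v
    if (major, minor) in FIXED_STABLE:
        return "fixed" if patch >= FIXED_STABLE[(major, minor)] else "vulnerable"
    # Assumption (not stated in the article): mainline 5.17 and later include the fix.
    if (major, minor) > (5, 16):
        return "fixed"
    # 5.8 through 5.14 have no listed fixed release upstream.
    return "vulnerable"


if __name__ == "__main__":
    # Constructed sample strings alongside the running kernel, for illustration.
    for sample in ("5.4.0-100-generic", "5.10.101", "5.15.25", "5.16.11", platform.release()):
        print(f"{sample}: {upstream_status(sample)}")
```

Run it on the host in question and compare the result with the distribution's own advisory; for Android, rely on the device vendor's security bulletin rather than the kernel string alone.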
The organizations that develop the various Linux distributions were also notified in February and are already working on checking their packages to detect the flaw and fix it.
The proof of concept (PoC) can be found at the following link: https://haxx.in/files/dirtypipez.c
Source: https://www.helpnetsecurity.com/2022/03/08/cve-2022-0847/
