The Dirty Pipe Vulnerability

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,914
Reaction score
4,919
Credits
36,970


OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,914
Reaction score
4,919
Credits
36,970
A new Linux vulnerability known as 'Dirty Pipe' allows local users to gain root privileges through publicly available exploits.

Today,7th March 2022, security researcher Max Kellermann responsibly disclosed the 'Dirty Pipe' vulnerability and stated that it affects Linux Kernel 5.8 and later versions, even on Android devices.


Timeline​

 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
8,616
Reaction score
7,360
Credits
70,058
LOL We overlapped. I mention the timeline in the other thread. Yeah, the timeline confuses me. If you follow the security releases, they're often fixed in a matter of days - depending on severity. This one was almost a full year.

But, I think I am making sense of it now... They didn't realize it was exploitable at first. I'm gonna see if I can find the first bug report.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
8,616
Reaction score
7,360
Credits
70,058
Yeah, that's what it appears to be. The bug came in and it wasn't until almost a year later that they realized it could be exploited.

Which makes me wonder...

Did *anyone else* realize it was exploitable before that?
 

CrazedNerd

Well-Known Member
Joined
Mar 31, 2021
Messages
1,157
Reaction score
530
Credits
9,974
Haven't read it yet, but what's vulnerable is interesting to me, thank you.
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,914
Reaction score
4,919
Credits
36,970
MALIBAL Linux Laptops

Linux Laptops Custom Built for You
MALIBAL is an innovative computer manufacturer that produces high-performance, custom laptops for Linux.

For more info, visit: https://www.malibal.com

Members online


Top