Critical vulnerability found in Linux kernel that allows root access
Security researcher Max Kellermann has found a critical Linux vulnerability that could allow a local user to gain root access. An update has been released, but many servers are probably still running old versions, which leaves them vulnerable.
The vulnerability is designated CVE-2022-0847 and was made public by Max Kellermann. In a blog post, he describes in detail how he discovered and exploited the flaw. According to Kellermann, all versions of the Linux kernel from 5.8 onwards have this problem. The vulnerability allows a local user to modify read-only files and add their own code.
A security researcher showed on Twitter how he could use this vulnerability to eliminate the need for the root user to enter a password on a system. In this way root access could be obtained. Bleeping Computer also managed to gain root access in Ubuntu via Dirty Pipe.
The vulnerability was reported to the Linux kernel and Android security teams on February 20, because it could also be exploited on Android. The two security teams have now released a patch. The vulnerability is no longer present in Linux kernels 5.16.11, 5.15.25, and 5.10.102.
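The check below is an added example, not code from the article or from the researcher's write-up. It classifies kernel release strings (as printed by `uname -r`) using the versions quoted above: affected from 5.8, fixed in 5.16.11, 5.15.25 and 5.10.102. The function names, the sample inventory and the treatment of branches newer than 5.16 as fixed are assumptions of this example.

```python
import re

# From the article: affected from 5.8 onwards; fixed in these stable releases.
FIRST_AFFECTED = (5, 8)
FIXED_IN = {(5, 10): 102, (5, 15): 25, (5, 16): 11}
# Assumption (not in the article): released branches newer than 5.16 carry the fix.
NEWEST_LISTED = max(FIXED_IN)
VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(.*)")


def parse_release(release):
    """Split a `uname -r` string into ((major, minor), patch, vendor_suffix)."""
    m = VERSION_RE.fullmatch(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch, suffix = m.groups()
    return (int(major), int(minor)), int(patch or 0), suffix


def dirty_pipe_status(release):
    """Classify a release as fixed, vulnerable, not-affected or check-vendor."""
    branch, patch, suffix = parse_release(release)
    if branch > NEWEST_LISTED:
        return "fixed"
    fixed_patch = FIXED_IN.get(branch)
    if fixed_patch is not None and patch >= fixed_patch:
        return "fixed"
    # Distribution kernels backport changes without changing the upstream
    # version, so the numbers alone cannot settle a vendor-suffixed release.
    if suffix:
        return "check-vendor"
    return "vulnerable" if branch >= FIRST_AFFECTED else "not-affected"


def audit(inventory):
    """Map host -> status for a {host: kernel release} inventory."""
    return {host: dirty_pipe_status(rel) for host, rel in inventory.items()}


# Constructed inventory for illustration; hostnames are made up.
SAMPLE = {
    "web01": "5.10.101", "web02": "5.10.102",
    "db01": "5.15.0-25-generic", "build01": "5.16.11-arch1-1",
    "legacy01": "4.19.0", "edge01": "5.13.4",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE).items()):
        print(f"{host:10} {SAMPLE[host]:22} {status}")
```

A `check-vendor` result means the release must be compared against the distribution's own advisory for CVE-2022-0847 rather than the upstream version numbers.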
The Dirty Pipe nickname for CVE-2022-0847 comes from another Linux kernel vulnerability, ‘Dirty Cow’. According to researchers, Dirty Pipe is very similar to Dirty Cow, which researchers used to gain root access on Android a few years ago. Dirty Cow was widely used by malware, a risk that now arises again with Dirty Pipe.