Mon 07 Mar 2022

The Dirty Pipe Vulnerability

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.

Source: The Dirty Pipe Vulnerability, an article by Max Kellermann.