
Security researcher Max Kellermann from CM4all recently discovered a new Linux vulnerability (CVE-2022-0847) while tracking down access logs for broken web servers for clients.

CVE-2022-0847 affects Linux kernel 5.8 and later, including the Linux kernels on Android devices. It allows unprivileged users to inject or overwrite data in read-only files, which leads to privilege escalation and ultimately root privileges.

The principle of CVE-2022-0847 is similar to CVE-2016-5195 Dirty Cow, which was fixed in 2016, but it is easier to exploit.

The discoverer named the vulnerability "Dirty Pipe". It has a CVSS score of 7.8, and its severity level is high.

PoC/exploit code for this vulnerability has already been released.

As required by the Android system, a large number of newly released Android 12 phones use Linux kernel 5.8 or later, so these devices are affected, including those with Snapdragon 8 Gen 1, Dimensity 8000 series, Dimensity 9000, Exynos 2200 and Google Tensor, among others.

Although the vulnerability has been fixed in Linux kernels 5.16.11, 5.15.25 and 5.10.102, a large number of Linux servers have not yet been upgraded and are still running an affected kernel version.

It's worth noting that while this vulnerability is slightly more cumbersome to exploit than the Dirty Cow vulnerability, it's only a matter of time before malicious actors can exploit it.

Therefore, researchers recommend that users check the kernel version of the Linux server they are using, and if the version is above 5.8, please upgrade as soon as possible!
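The version check recommended above can be scripted. The following is an added example, not code from the original article or from CM4all: it classifies a kernel release string using only the version numbers quoted in this article. The function name `dirtypipe_status` and its status words are illustrative, and treating releases newer than the 5.16 branch as fixed is an assumption.

```shell
#!/bin/sh
# Added example: classify a kernel release string against the versions
# quoted in the article (affected from 5.8; fixed in 5.16.11, 5.15.25
# and 5.10.102). Function name and status words are illustrative.
dirtypipe_status() {
    # Keep only the leading "major.minor[.patch]" part, dropping distro
    # suffixes such as "-30-generic" or "-android12-9".
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)\{0,1\}\).*/\1/p')
    if [ -z "$ver" ]; then echo unknown; return 0; fi

    # Split the numeric version on dots.
    old_ifs=$IFS; IFS=.
    set -- $ver
    IFS=$old_ifs
    major=$1; minor=$2; patch=${3:-0}

    # Older than 5.8: outside the affected range given in the article.
    if [ "$major" -lt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -lt 8 ]; }; then
        echo not-affected; return 0
    fi
    # Assumption (not from the article): anything newer than the 5.16
    # branch was released with the fix already included.
    if [ "$major" -gt 5 ] || [ "$minor" -gt 16 ]; then
        echo patched; return 0
    fi
    # Branches with a fixed release named in the article.
    case $minor in
        10) fixed=102 ;;
        15) fixed=25 ;;
        16) fixed=11 ;;
        *)  echo affected; return 0 ;;  # no fixed release listed for this branch
    esac
    if [ "$patch" -ge "$fixed" ]; then echo patched; else echo affected; fi
}

# Classify the running kernel.
echo "$(uname -r): $(dirtypipe_status "$(uname -r)")"
```

Distribution kernels often backport fixes without changing the upstream version number, so an `affected` result means the vendor's advisory for that kernel package should be checked before concluding the host is vulnerable.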

Reference link: https://dirtypipe.cm4all.com/


六一

SegmentFault New Media Operations