Security Leftovers

  • Security updates for Monday

    Security updates have been issued by Debian (chromium, containerd, cyrus-sasl2, expat, firefox-esr, freecad, kernel, and tiff), Fedora (seamonkey, swtpm, and webkit2gtk3), Mageia (docker-containerd, firefox, flac, libtiff, libxml2, and mc), openSUSE (containerd, expat, flatpak, gnutls, go1.16, go1.17, libeconf, shadow and util-linux, mariadb, nodejs14, perl-App-cpanminus, vim, wireshark, wpa_supplicant, and zsh), SUSE (containerd, expat, flatpak, gnutls, go1.16, go1.17, java-11-openjdk, kernel-firmware, libeconf, shadow and util-linux, libxml2, mariadb, nodejs14, python-Twisted, vim, wireshark, wpa_supplicant, and zsh), and Ubuntu (firefox, openjdk-lts, openjdk-17, and php8.0).

  • The "dirty pipe" vulnerability

    Max Kellermann has disclosed a disconcerting kernel vulnerability...

  • The Dirty Pipe Vulnerability

    It all started a year ago with a support ticket about corrupt files. A customer complained that the access logs they downloaded could not be decompressed. And indeed, there was a corrupt log file on one of the log servers; it could be decompressed, but gzip reported a CRC error. I could not explain why it was corrupt, but I assumed the nightly split process had crashed and left a corrupt file behind. I fixed the file’s CRC manually, closed the ticket, and soon forgot about the problem.

    Months later, this happened again and yet again. Every time, the file’s contents looked correct, only the CRC at the end of the file was wrong. Now, with several corrupt files, I was able to dig deeper and found a surprising kind of corruption. A pattern emerged.

LF fluff

  • A Summary of Census II: Open Source Software Application Libraries the World Depends On

    It has been estimated that Free and Open Source Software (FOSS) constitutes 70-90% of any given piece of modern software solutions. FOSS is an increasingly vital resource in nearly all industries, public and private sectors, among tech and non-tech companies alike. Therefore, ensuring the health and security of FOSS is critical to the future of nearly all industries in the modern economy.

    In March of 2022, The Linux Foundation, in partnership with the Laboratory for Innovation Science at Harvard (LISH), released the final results of an ongoing study, “Census II of Free and Open Source Software – Application Libraries.” This follows the preliminary release, “‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software” in February 2020 and now identifies more than one thousand of the most widely deployed open source application libraries found from scans of commercial and enterprise applications. This study informs which open source projects commonly used in applications warrant proactive analysis of operations and security support.

'Dirty Pipe' Linux vulnerability discovered

New Linux bug gives root on all major distros, exploit released

Linux vulnerability allows an attacker to overwrite data

  • 'Dirty Pipe' Linux vulnerability allows an attacker to overwrite data - SiliconANGLE

    A newly revealed vulnerability in the Linux kernel allows an attacker to overwrite data in arbitrary read-only files.

    Detailed today by security researcher Max Kellermann and dubbed “Dirty Pipe,” the vulnerability leads to privilege escalation, since unprivileged processes can inject code into root processes. The vulnerability, officially named CVE-2022-0847, affects Linux Kernel 5.8 and later versions, even on Android devices, but has been fixed in Linux versions 5.16.11, 5.15.25 and 5.10.102.

    Kellermann explains that he found the vulnerability after receiving a support ticket about corrupt files a year ago. The customer complained that the access logs downloaded could not be decompressed. Kellermann confirmed the issue, fixed the issue manually and then closed the ticket, but the issue then occurred again and again.

  • Serious 'Dirty Pipe' Bug Patched in Linux Kernel | Decipher

    A newly disclosed vulnerability in the Linux kernel could allow an attacker to write any data into an arbitrary file and gain elevated privileges. The bug affects the major Linux distributions going back to version 5.8 and Android, but a fix was included in the latest Linux kernel and Android releases in late February.

    Many vulnerabilities are discovered by researchers who are digging into a particular app or code base, looking for potential issues. But this flaw (CVE-2022-0847) has an unusual origin story. It began in February 2021 when Max Kellermann received a support ticket from a customer of IONOS, the hosting provider where he works. The customer was having an issue decompressing nightly log files, and Kellermann discovered a corrupt file on the log server. He found a cyclic redundancy check (CRC) error in the file, which he fixed and then moved on. The same issue happened several more times in the next couple of months, and Kellermann found each time that the contents of the file looked correct, save for the CRC error.

  • Linux has been bitten by its most high-severity vulnerability in years | Ars Technica

    Linux has yet another high-severity vulnerability that makes it easy for untrusted users to execute code capable of carrying out a host of malicious actions including installing backdoors, creating unauthorized user accounts, and modifying scripts or binaries used by privileged services or apps.

  • Linux distributions patch kernel privilege escalation flaw • The Register

    A Linux local privilege escalation flaw dubbed Dirty Pipe has been discovered and disclosed along with proof-of-concept exploit code.

    The flaw, CVE-2022-0847, was introduced in kernel version 5.8 and fixed in versions 5.16.11, 5.15.25 and 5.10.102.

    It can be exploited by a normal logged-in user or a rogue running program to gain root-level privileges; it can also be used by malicious apps to take over vulnerable Android devices. Max Kellermann said he found the programming blunder and reported it to the kernel security team in February, which issued patches within a few days. By now these should be filtering through to affected Linux distros.

    The bug can be abused to add or overwrite data in sensitive read-only files, such as removing the root password from /etc/passwd allowing anyone on the system to get superuser access, or temporarily altering a setuid binary to grant root privileges.

  • This major Linux security vulnerability has been fixed, so patch now | TechRadar

    If you're running a Linux distro on your computer or use an Android smartphone, you should install the latest updates immediately as a severe security vulnerability has been found and patched in the Linux kernel.

    The vulnerability, tracked as CVE-2022-0847 and dubbed “Dirty Pipe”, was discovered by a software developer named Max Kellermann at the web hosting company IONOS earlier this year.

  • Researchers Warn of Linux Kernel 'Dirty Pipe' Arbitrary File Overwrite Vulnerability

    Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems.

    Dubbed "Dirty Pipe" (CVE-2022-0847, CVSS score: 7.8) by IONOS software developer Max Kellermann, the flaw "leads to privilege escalation because unprivileged processes can inject code into root processes."

    Kellermann said the bug was discovered after digging into a support issue raised by one of the customers of the cloud and hosting provider that concerned a case of a "surprising kind of corruption" affecting web server access logs.

SUSE's statement, moments ago

  • SUSE statement on "Dirty Pipe" attack | SUSE Communities

    On Monday, March 7th, security researcher Max Kellermann published a new software vulnerability that affects users of the Linux Kernel.

    The vulnerability, called Dirty Pipe (CVE-2022-0847), impacts Linux Kernels 5.8 and later, and allows local attackers to overwrite files even if they had only read permissions, allowing for easy privilege escalation.

    The issue is triggered by a combination of two bugs, one bug in Linux Kernels 4.9 and newer and made exploitable by the second bug introduced in Linux Kernel 5.8.

False headline

Apparently, the vulnerability in the Linux kernel has been around since version 5.8, which was released in August 2020. It’s tracked as CVE-2022-0847. It allows overwriting data in arbitrary read-only files, which means attackers can escalate privileges, giving them access they shouldn’t have. Once privileges are escalated, they can do all sorts of things on a system.

Creating an SSH key is just one of many actions an attacker can take when exploiting the vulnerability. One can hijack a SUID binary to create a root shell, and another can allow untrusted users to overwrite data in read-only files. These are severe attacks that could do all sorts of damage to a system.

“It’s about as severe as it gets for a local kernel vulnerability,” Brad Spengler, president of Open Source Security, wrote in an email to Ars Technica. “Just like Dirty Cow, there’s essentially no way to mitigate it, and it involves core Linux kernel functionality.”

Slashdot FUD factory

Liliputing now

Exaggeration

  • Easily exploitable Linux bug gives root access to attackers (CVE-2022-0847) [Ed: Well, attackers that already have full machine access]

    An easily exploitable vulnerability (CVE-2022-0847) in the Linux kernel can be used by local unprivileged users to gain root privileges on vulnerable systems by taking advantage of already public exploits.

    Discovered by security researcher Max Kellermann, the flaw – which he dubbed Dirty Pipe, due to its similarity to the Dirty Cow flaw – has already been patched in the Linux kernel and the Android kernel. Affected Linux distributions are in the process of pushing out security updates with the patch.

SJVN FUD

  • Dirty Pipeline Is an Awful Linux Mess [Ed: Steven J. Vaughan-Nichols has just joined this Linux FUD fest]

    As I write this, there’s already a nasty exploit out there using the latest Linux kernel vulnerability, Dirty Pipeline, for any J. Random Luser to overwrite root’s password field in /etc/passwd. The experts at LWN.net called it a “disconcerting kernel vulnerability.” I call it a “shoot me now” security problem.

    But let’s not do that, shall we? Here’s the 411 on Dirty Pipeline, aka CVE-2022-0847. Web host sysadmin and programmer Max Kellermann found the security hole back in 2021, but he wasn’t at first sure what was going on. After a lot of blood, sweat, tears, and research Kellermann tracked down the problem to changes in the Linux kernel that became critical in Linux 5.8. With this update, Kellermann wrote, “it became possible to overwrite data in the page cache, simply by writing new data into the pipe prepared in a special way.”

Now the insecurity firms rush to spread FUD and panic

  • “Dirty Pipe” Linux kernel bug lets anyone write to any file

    Max Kellermann, a coder and security researcher for German content management software creators CM4all, has just published a fascinating report about a Linux kernel bug that was patched recently.

    He called the vulnerability Dirty Pipe, because it involves insecure interaction between a true Linux file (one that’s saved permanently on disk) and a Linux pipe, which is a memory-only data buffer that can be used like a file.

    Very greatly simplified, if you have a pipe that you are allowed to write to and a file that you aren’t…

    …then, sometimes, writing into the pipe’s memory buffer may inadvertently also modify the kernel’s temporary in-memory copies – the so-called cache pages – of various parts of the disk file.

  • Bug in the Linux Kernel Allows Privilege Escalation, Container Escape | Threatpost

    A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel.

    To go along with the “Dirty Pipe” Linux security bug coming to light, two researchers from Huawei – Yiqi Sun and Kevin Wang – have discovered a vulnerability in the “control groups” feature of the Linux kernel which allows attackers to escape containers, escalate privileges and execute arbitrary commands on a host machine.

    The bug (CVE-2022-0492) exists in the Linux kernel’s “cgroup_release_agent_write” feature, which is found in the “kernel/cgroup/cgroup-v1.c” function.

Now Android sites

  • Dirty Pipe: What you need to know about the major exploit affecting Pixel 6 and Galaxy S22 devices

    The security world has been abuzz this week about a new Linux exploit called “Dirty Pipe,” which also affects Android 12 devices like Galaxy S22 and Pixel 6. Here’s everything you need to know about “Dirty Pipe,” which devices it affects, and how best to avoid it.

  • Linux Dirty Pipe kernel bug exposes Android to potential malware vector

    If Android were a car engine, and you popped the hood and poked around a bit, you'd find the label "Linux" etched on the engine block. The open-source operating system provides the starting point that Android's built on top of, but sharing code also means sharing vulnerabilities. Now a newly discovered Linux kernel bug is raising concerns for the security of Android devices, as it leaves a door open for malware intrusion.

More drama

  • The Dirty Pipe Vulnerability

    This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.

    It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit.

    The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.

  • Serious flaw in Linux kernel patched, exploits released

    Researcher Max Kellermann of Ionos, the parent company of CM4all, a website builder, said in a detailed advisory issued on Monday that he had found the vulnerability after starting an investigation into file corruption reported by a customer.

    The flaw was introduced in kernel version 5.8 and has been patched in all recent stable releases: 5.16.11, 5.15.25 and 5.10.102. The Android mobile operating system is also vulnerable to this bug.

Spamnil's site joins the FUD club

  • ‘Dirty Pipe’ Linux Vulnerability Allows Overwriting Data In Arbitrary Read-Only Files

    Security researchers detailed a Linux vulnerability allowing an attacker to overwrite data in arbitrary read-only files. The vulnerability, known as CVE-2022-0847 or “Dirty Pipe” leads to privilege escalation as unprivileged processes can inject code into root processes. According to security researcher Max Kellermann, it is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. Dirty Pipe has been a vulnerability in Linux Kernel since 5.8 and has been fixed in Linux 5.16.11, 5.15.25 and 5.10.102.

Spreading falsehoods for the anti-Linux media operatives

How to hype up local privilege escalation

CISA

  • Dirty Pipe Privilege Escalation Vulnerability in Linux

    CISA is aware of a privilege escalation vulnerability in Linux kernel versions 5.8 and later known as “Dirty Pipe” (CVE-2022-0847). A local attacker could exploit this vulnerability to take control of an affected system.

A fairer headline/coverage

  • Dirty Pipe Makes Linux Privilege Escalation Easy

    A major Linux vulnerability dubbed “Dirty Pipe” could allow even the least privileged users to perform malicious actions.

    Researcher Max Kellermann of Ionos revealed the new vulnerability earlier this week. The name is reminiscent of the “Dirty Cow” vulnerability discovered in 2016 that allowed attackers to gain root access on any Android Phone regardless of the OS version, but Dirty Pipe could be even easier to exploit than its predecessor.

    Kellermann managed to exploit the Linux kernel bug, which allows any user, including the least privileged ones such as the “nobody” account, to perform malicious actions such as adding an SSH-key to the root user’s account to access the server remotely with full privileges.

The media likes to make it sound like Linux is the worst

  • What Is the Dirty Pipe Exploit in Linux and How Can You Fix It?

    Linux has fallen prey to yet another highly-severe privilege escalation vulnerability in recent succession to the Control Groups loophole that allowed threat actors to escape containers and execute arbitrary code. This new vulnerability weaponizes the piping mechanism in Linux and uses it to gain write access with root privileges.

    It is raising eyebrows throughout the Linux community and has been named as a nominee for being one of the most serious threats discovered in Linux since 2016.

New twists of 'flavours' of the FUD

  • Linux vulnerability allowed root-level access | SC Media

    A German coder and security researcher recently posted his findings related to a Linux kernel bug that could give root-level access to remote attackers.

    In a post, Max Kellermann called the bug in CVE-2022-0847 “Dirty Pipe,” which allowed overwriting data in arbitrary read-only files, which can lead to privilege escalation. The vulnerability was patched in 5.10.102, 5.15.25 and 5.16.11, but is still vulnerable in 5.8, 5.10, 5.15 and 5.16.

  • Dirty Pipe root Linux vulnerability can also impact containers | CSO Online

    The dangerous Linux privilege escalation flaw dubbed Dirty Pipe that was recently disclosed could also impact applications and systems that use containerization through tools such as Docker, researchers warn. This follows a different privilege escalation vulnerability that was patched last week and could lead to container escapes.

Microsoft boosters amplify this, as it helps deflect

  • This Week in IT - Linux Gets Its Pipes Dirty

    This week in IT, all Linux distributions are affected by a serious security flaw, called Dirty Pipe, that can completely destroy systems. Google buys cybersecurity specialist Mandiant, swiping it from underneath Microsoft’s nose. Apple unveils its new all-powerful M1 Ultra chip. And Microsoft makes it easier for startups to participate in its Founders Hub program.

Shoveling up FUD to distract from Microsoft's back doors

  • Linux bug Dirty Pipe a 'serious vulnerability,' could affect Steam Decks [Ed: Shoveling up FUD to distract from Microsoft's back doors]

    A Linux kernel bug cataloged as CVE-2022-0847 – which is being referred to as Dirty Pipe due to its similarity to another exploit, Dirty Cow – was recently discovered, though it has reportedly been present in all kernels since version 5.8.

    The bug was reported to the Linux kernel security team by the individual who discovered it, Max Kellermann of CM4all parent company IONOS, back in February. A fix for the issue was provided by Kellermann three days after the bug was reported, and can be found here.

Dirty Pipe: The Latest Serious Linux Kernel Vulnerability...

Might be bot-generated

  • CVE-2022-0847: Arbitrary File Overwrite Vulnerability in Linux Kernel | MarketScreener

    On March 7, 2022, CM4all security researcher Max Kellermann published technical details on CVE-2022-0847, an arbitrary file overwrite vulnerability in versions 5.8+ of the Linux kernel. Nicknamed "Dirty Pipe," the vulnerability arises from incorrect Unix pipe handling, where unprivileged processes can corrupt read-only files. Successful exploitation allows local attackers to escalate privileges by modifying or overwriting typically inaccessible files - potentially including root passwords and SUID binaries.

Still in some headlines

Microsofters have found a new angle for attacking Linux, recycle

  • QNAP warns severe Linux bug affects most of its NAS devices

    Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed 'Dirty Pipe' that allows attackers with local access to gain root privileges.

    The 'Dirty Pipe' security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged users to inject and overwrite data in read-only files, including SUID processes that run as root.

  • 'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices

    Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems.

‘Dirty Pipe’ security patched kernels available

  • ‘Dirty Pipe’ security patched kernels available

    All users that use any 5.10 kernel are strongly advised to upgrade to the latest version – 5.10.104 – in the antiX repos. This applies to 64 bit and 32 bit pae and non-pae kernels for antiX-17, antiX-19, antiX-21 and testing/sid users.

Microsoft friendly media finding new excuses to recycle panic

Why is this scare back so suddenly?

  • New Linux bug elevated privileges and arbitrary code execution [Ed: Why is this scare back so suddenly?]

    In April 2021, a bug in the Linux kernel was discovered by Max Kellermann, who later published his findings. However, like most discovered bugs, it is only months after its discovery that it is announced to the world, giving security experts time to update systems and introduce fixes. The new bug, called CVE-2022-0847, has now been fixed and is only an issue for systems using Linux kernel versions between 5.8 and has now been fixed in 5.16.11, 5.15.25, and 5.10.102.
