The "dirty pipe" vulnerability

by
corbet
from LWN.net on (#5WV43)
Max Kellermann has disclosed a disconcerting kernel vulnerability:

Two weeks ago, I found a vulnerability in the Linux kernel sinceversion 5.8 commit f6dd975583bd ("pipe: merge anon_pipe_buf*_ops") dueto uninitialized variables. It enables anybody to write arbitrarydata to arbitrary files, even if the file is O_RDONLY, immutable or ona MS_RDONLY filesystem. It can be used to inject code into arbitraryprocesses.

This vulnerability has been named "dirty pipe"; Kellermann has put up a web page describing it indetail. Updates from distributors are already being released.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments