Comprehensive up-to-date news coverage

HomeNewsScience and Space8-Year-Old 'As Nasty as Dirty Pipe' Linux Kernel Vulnerability Revealed

8-Year-Old ‘As Nasty as Dirty Pipe’ Linux Kernel Vulnerability Revealed

Published on

Follow us on Google News for latest updates and information.

In Science and Space: Researchers have discovered information about an eight-year-old security flaw in the Linux kernel that they describe as “as terrible as Dirty Pipe.”

Researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing highlighted that “DirtyCred is a kernel exploitation concept that replaces unprivileged kernel credentials with privileged ones to increase privilege.” In order to gain privileges, DirtyCred takes advantage of the heap memory reuse mechanism rather than overwriting any crucial data fields on the kernel heap.

The security bug, dubbed DirtyCred by a group of Northwestern University academics, takes use of a vulnerability that was previously undiscovered (CVE-2022-2588) to elevate privileges to the highest level.

This entails three steps –

A security flaw in the pipe subsystem known as “Dirty Pipe,” which affects Linux kernel versions starting at 5.8 and is tagged as CVE-2022-0847 (CVSS score: 7.8), enables processes with low privileges to write to any readable file, escalating their privileges.

Because of its resemblance to the 2016 Dirty Cow weakness, the exploitable vulnerability was given that name. The researchers advise separating privileged credentials from unprivileged ones using virtual memory to prevent cross-cache attacks because objects are isolated based on their nature rather than their rights.

See also  Trump may have inadvertently admitted to stealing documents

Latest articles

The Charlottesville-Albemarle Black Business Expo offers exposure and educational opportunities to black entrepreneurs

News Tech: The Charlottesville-Albemarle Black Business Expo promotes the growth of locally owned...

The finance vice president candidates discuss communication and openness in the second debate

In Science and Space: The candidates for vice president in the finance debate...

Nigel Clarke, Jamaica’s finance minister, wants to make the country a center for growth and development

News Tech: According to Dr. Nigel Clarke, Minister of Finance and Public Service,...

Turn off Search Suggestions in Google Chrome

Hello everyone, in this article we will show you how Turn off Google Chrome...

More like this

The Charlottesville-Albemarle Black Business Expo offers exposure and educational opportunities to black entrepreneurs

News Tech: The Charlottesville-Albemarle Black Business Expo promotes the growth of locally owned...

The finance vice president candidates discuss communication and openness in the second debate

In Science and Space: The candidates for vice president in the finance debate...

Nigel Clarke, Jamaica’s finance minister, wants to make the country a center for growth and development

News Tech: According to Dr. Nigel Clarke, Minister of Finance and Public Service,...

Turn off Search Suggestions in Google Chrome

Hello everyone, in this article we will show you how Turn off Google Chrome...

Shares of TPG RE Finance Trust ( NYSE:TRTX ) fell 8.9% last week as a three-year decline in earnings and shareholder returns continued.

News Tech: The primary goal of stock selection for many investors is to...

Edit text messages in iOS 16 Messages

Hello everyone, in this article we will show you how Edit text messages in...