"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered

Tony40 Member

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe."

Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level.

"DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to .... https://thehackernews.com/2022/08/as-nasty-as-dirty-pipe-8-year-old-linux.html

Comments

  • Levi Member

    So, can this strong reference to anal 5ex really be exploited remotely? Because the description is so dubious that it is almost not possible to understand.

    "DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted. "Instead of overwriting any critical data fields on kernel heap, DirtyCred abuses the heap memory reuse mechanism to get privileged."

  • Erisa Member
    edited August 2022

    @LTniger said:
    So, can this strong reference to anal 5ex really be exploited remotely? Because the description is so dubious that it is almost not possible to understand.

    "DirtyCred is a kernel exploitation concept that swaps unprivileged kernel credentials with privileged ones to escalate privilege," researchers Zhenpeng Lin, Yuhang Wu, and Xinyu Xing noted. "Instead of overwriting any critical data fields on kernel heap, DirtyCred abuses the heap memory reuse mechanism to get privileged."

    Looks like its worst case scenario is privilege escalation and container escape, I don't see anything hinting about it being remotely exploitable. The attacker needs to be able to run unprivileged commands on your machine and then can use this to escalate those privileges to root, escaping containers if necessary.

  • I mean, still potentially nasty if someone can compromise an unprivileged account remotely first using some other attack.

  • Criminals should switch from the super obvious criminal mask to the penguin mask. That's just common sense.

  • jar Patron Provider, Top Host, Veteran

    @LTniger said: this strong reference to anal 5ex

    So yous ever uhh... take the dirt road home?
