ISN 2022-04: Dirty Pipe Escalation of Privilege
First published 10th March 2022
CVSS 3.1 Base Score: 8.4 (High)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Linux kernel, nicknamed "Dirty Pipe", affects the following IGEL products:
IGEL OS 11
Details
Dirty Pipe (CVE-2022-0847) is a vulnerability present in Linux kernels since version 5.8. It enables an unprivileged local user to write to files that should be writable by root only. By adding commands to root’s cron jobs or adding lines to the /etc/passwd file, for example, the attacker could escalate privilege and become root on the system.
Update Instructions
IGEL OS 11: Update to IGEL OS 11.07.100.
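A fleet-triage helper for the version ranges given under Details and Update Instructions, added here as an example; it is not part of IGEL's advisory or products. The 5.8 floor and the 11.07.100 target come from this advisory, while the upstream stable kernel releases that carry the fix (5.10.102, 5.15.25, 5.16.11, and 5.17 onward) are assumed values not stated on this page and should be verified against your kernel vendor's advisory.

```shell
#!/bin/sh
# Added triage helper for ISN 2022-04 / CVE-2022-0847 (example, not IGEL code).
# Inputs: a kernel release string (as from `uname -r`) or an IGEL OS 11 firmware
# version. The 5.8 floor and the 11.07.100 target come from the advisory; the
# upstream stable fix releases below are an ASSUMPTION to verify against your
# kernel vendor's advisory before relying on the result.

# ver_lt A B: true (0) when dotted version A sorts before B. Missing fields
# count as 0; a non-numeric suffix such as "-generic" is ignored.
ver_lt() {
  a="$1" b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    case "$a" in *.*) a=${a#*.} ;; *) a="" ;; esac
    case "$b" in *.*) b=${b#*.} ;; *) b="" ;; esac
    x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
    [ "${x:-0}" -lt "${y:-0}" ] && return 0
    [ "${x:-0}" -gt "${y:-0}" ] && return 1
  done
  return 1
}

# kernel_affected RELEASE: true when the kernel falls in the vulnerable range.
# The check is per stable branch, because a 5.10.102 kernel carries the fix
# while a numerically "newer" 5.11.22 kernel does not.
kernel_affected() {
  v="$1"
  ver_lt "$v" 5.8 && return 1     # introduced in 5.8 (advisory)
  ver_lt "$v" 5.17 || return 1    # assumed: 5.17 and later ship the fix
  maj=${v%%.*}; rest=${v#*.}; min=${rest%%.*}; min=${min%%[!0-9]*}
  case "$maj.$min" in             # assumed stable fix releases
    5.10) fixed=5.10.102 ;;
    5.15) fixed=5.15.25 ;;
    5.16) fixed=5.16.11 ;;
    *)    return 0 ;;             # other 5.8..5.16 branches: no backport, affected
  esac
  ver_lt "$v" "$fixed"
}

# igel_needs_update VERSION: true when IGEL OS 11 is below the advisory's fix.
igel_needs_update() { ver_lt "$1" 11.07.100; }

# Constructed sample inventory; replace with real `uname -r` / firmware data.
for k in 5.7.19 5.10.100 5.10.102 5.11.22 "5.15.24-generic" 5.17.0; do
  if kernel_affected "$k"; then echo "kernel $k: affected"; else echo "kernel $k: not affected"; fi
done
for f in 11.06.250 11.07.100; do
  if igel_needs_update "$f"; then echo "IGEL OS $f: update required"; else echo "IGEL OS $f: fixed"; fi
done
```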
Mitigation
This issue can be mitigated by not giving users access to a terminal/virtual console on IGEL OS, which they could use to configure and run the exploit code:
Remove an existing local terminal session:
In IGEL Setup, go to Accessories > Terminals.
Select a local terminal session you want to delete.
Click the trash icon to remove the selected session.
When prompted, confirm that you want to delete the session.
Click Apply.
Or password-protect the local terminal with the Administrator password:
Find the local terminal session under Accessories > Terminals.