DOI QR코드

DOI QR Code

A study on Dirty Pipe Linux vulnerability

  • Tanwar, Saurav (Division of Computer Science & Engineering, Sahmyook Univ.) ;
  • Kim, Hee Wan (Division of Computer Science & Engineering, Sahmyook Univ.)
  • Received : 2022.05.11
  • Accepted : 2022.05.17
  • Published : 2022.08.31

Abstract

In this study, we wanted to examine the new vulnerability 'Dirty Pipe' that is founded in Linux kernel. how it's exploited and what is the limitation, where it's existed, and overcome techniques and analysis of the Linux kernel package. The study of the method used the hmark[1] program to check the vulnerabilities. Hmark is a whitebox testing tool that helps to analyze the vulnerability based on static whitebox testing and automated verification. For this purpose of our study, we analyzed Linux kernel code that is downloaded from an open-source website. Then by analyzing the hmark tool results, we identified in which file of the kernel it exists, cvss level, statistically depicted vulnerabilities on graph which is easy to understand. Furthermore, we will talk about some software we can use to analyze a vulnerability and how hmark software works. In the case of the Dirty Pipe vulnerability in Linux allows non-privileged users to execute malicious code capable of a host of destructive actions including installing backdoors into the system, injecting code into scripts, altering binaries used by elevated programs, and creating unauthorized user profiles. This bug is being tracked as CVE-2022-0847 and has been termed "Dirty Pipe"[2] since it bears a close resemblance to Dirty Cow[3], and easily exploitable Linux vulnerability from 2016 which granted a bad actor an identical level of privileges and powers.

Keywords

References

  1. Internet of Things simplified, https://iotcube.net/
  2. References to Advisories, Solutions, and Tools, https://nvd.nist.gov/vuln/detail/CVE-2022-0847
  3. Dirty Cow, https://www.cs.toronto.edu/~arnold/427/18s/427_18S/indepth/dirty-cow/index.html
  4. How To fix the Dirty Pipe Vulnerability in Linux Kernel - CVE-2022-0847, https://thesecmaster.com/how-to-fix-the-dirty-pipe-vulnerability-in-linux-kernel-cve-2022-0847/
  5. How To Mitigate CVE-2022-0847 (The Dirty Pipe Vulnerability), https://www.ivanti.com/blog/how-to-mitigate-cve-2022-0847-the-dirty-pipe-vulnerability
  6. Secure Software Supply Chain Management, https://iotcube.net/userguide/manual/hmark