Open source security concern: Linux escalation issue “Dirty Pipe”


 

As many of you know, we have been covering more security issues here in OpenChain in recent times. This is largely due to demand by our audience. During our last security webinar it was flagged that the current global environment may lead to an increase in the number and intensity of vulnerabilities discovered.

An issue has been found in the Linux kernel (and therefore many Android devices as well as servers) that allows escalation to root. This allows full control over devices. It is regarded as one of the most severe security issues around the kernel in the last half decade or so. It may be worth talking to your security teams to see how they are solving it, and to your supply chain teams to see how they are ensuring suppliers are doing the same.

Issue tag: CVE-2022-0847

Linux has been bitten by its most high-severity vulnerability in years:

https://arstechnica.com/information-technology/2022/03/linux-has-been-bitten-by-its-most-high-severity-vulnerability-in-years/


Shane Coughlan
OpenChain General Manager
+818040358083
Book a meeting:
https://meetings.hubspot.com/scoughlan