If you run Linux in your organization, patch your servers immediately. A Linux vulnerability that affects all kernels since 5.8 August 2020, has been disclosed by security researcher Max Kellerman. The exploit is known as “Dirty Pipe”, it allows non-privileged users the ability to overwrite data of read-only files, which can lead to privilege escalation.
The vulnerability was patched in Linux kernel versions 5.16.11, 5.15.25, and 5.10.102. Check with your Linux distro to see if a kernel version is available that contains the fix and if so, implement as soon as possible.
We did a simple test in our lab environment, and we had an unprivileged user gain root access in less than 15 seconds.
Just to show how ridiculously simple this is and why you need to patch now, here is a screenshot showing the commands we ran and the root privilege we obtained. Note that this was with a fully patched Ubuntu server:
Here is a great page by Max Kellermann explaining the bug: https://dirtypipe.cm4all.com/
If you need any help patching your Linux servers, please reach out to us. We have the expertise and we can help: (877) 303-0480