What is Dirty Pipe and why is Linux so concerned about patching it?
In general, Linux is a much more secure operating system than Windows, however, this does not mean that it is exempt from vulnerabilities that hackers can use against users.
It was recently known that there would be a new vulnerability in Linux that would be very serious. That is why the developers and the people who are in charge of security in this operating system would be looking for a way to patch it as quickly as possible.
Today we are going to tell you what this vulnerability is about and why it is so important to patch it as soon as possible.
What is Dirty Pipe?
If you are an old Linux user, surely this name seems familiar to you. In 2016, a similar vulnerability appeared, which was named Dirty Cow. This is a really dangerous vulnerability for users and servers.
This vulnerability would allow the writing of files without the need to be an administrator. To be more specific, this affects the "pipes" that are responsible for allowing a system process to send data to others.
This bug in the system causes it to be possible to overwrite files even if they are read - only. This is a serious problem, as anyone with access to a server could exploit this vulnerability and end up causing damage.
That is why the people in charge of Linux security try to patch it as soon as possible.
They've known each other for a month
As it has become known, this vulnerability is not exactly new, but has already been known for a month. In addition, this vulnerability affects different versions of the kernel. In fact, it affects versions from 5.8 onwards. It is important to mention that this version was released in August 2020.
As it has been known, for versions 5.10.102, 5.12.25 and 5.16.11, this would have already been patched. So it is a matter of time before the error is corrected in the rest of the kernel versions.
What to do to stay safe?
At first, nothing. You don't need to worry about this vulnerability as it is most dangerous on servers. In addition, the developers of the main distributions are already working on correcting this error.
Even if you have a kernel that hasn't been patched yet, this doesn't have to be a problem. You just have to make sure you keep your operating system up to date. This is enough to not have problems of any kind.
Also, for this vulnerability to be exploited, the attacker would have to have access to your computer. So, you have nothing to worry about as this is not a big problem for home users.