Linux has yet another high-severity vulnerability known as Dirty Pipe that was disclosed on March 7, 2022. Dirty Pipe allows an attacker to overwrite arbitrary data in read-only files and can lead to privilege escalation via the injection of code into root processes. Tracked as CVE-2022-0847, the vulnerability affects all Linux machines running Linux Kernel 5.8 and later versions.
Security is in our DNA. We take risk and vulnerability in open-source software very seriously. If you have additional questions related to Dirty Pipe, please do not hesitate to contact us.