Indeni’s response to Dirty Pipe Exploit
Notice: This blog post was originally published on Indeni before its acquisition by BlueCat.
The content reflects the expertise and perspectives of the Indeni team at the time of writing. While some references may be outdated, the insights remain valuable. For the latest updates and solutions, explore the rest of our blog
Linux has yet another high-severity vulnerability known as Dirty Pipe that was disclosed on March 7, 2022. Dirty Pipe allows an attacker to overwrite arbitrary data in read-only files and can lead to privilege escalation via the injection of code into root processes. Tracked as CVE-2022-0847, the vulnerability affects all Linux machines running Linux Kernel 5.8 and later versions.
Indeni is aware of this issue. The Indeni product is running the ‘enterprise grade’ Ubuntu release 18.04 LTS (Long Term Support), 4.15 kernel which is not vulnerable to CVE-2022-0847.
Security is in our DNA. We take risk and vulnerability in open-source software very seriously. If you have additional questions related to Dirty Pipe, please do not hesitate to contact us.
Ulrica de Fort-Menares is the Vice President of Product Management for Infrastructure Assurance.
Related content
How to choose a protective DNS solution for your network
Learn how to choose the protective DNS solution that’s right for your network, including capabilities and integrations—without vendor hype.
Route traffic intelligently with DNS-based GSLB for BlueCat Edge
Discover how DNS-based GSLB with BlueCat Edge empowers networking teams to control traffic steering, reduce costs, and improve resilience.
Exciting product update: Introducing BlueCat Integrity X
Introducing BlueCat Integrity X, a single platform for complete visibility and control over critical network services.
What is protective DNS (PDNS) and why is PDNS important?
Discover what protective DNS is, how it prevents threats like phishing and malware, and why it’s essential for enterprise network security.