Indeni’s response to Dirty Pipe Exploit
Notice: This blog post was originally published on Indeni before its acquisition by BlueCat.
The content reflects the expertise and perspectives of the Indeni team at the time of writing. While some references may be outdated, the insights remain valuable. For the latest updates and solutions, explore the rest of our blog
Linux has yet another high-severity vulnerability known as Dirty Pipe that was disclosed on March 7, 2022. Dirty Pipe allows an attacker to overwrite arbitrary data in read-only files and can lead to privilege escalation via the injection of code into root processes. Tracked as CVE-2022-0847, the vulnerability affects all Linux machines running Linux Kernel 5.8 and later versions.
Indeni is aware of this issue. The Indeni product is running the ‘enterprise grade’ Ubuntu release 18.04 LTS (Long Term Support), 4.15 kernel which is not vulnerable to CVE-2022-0847.
Security is in our DNA. We take risk and vulnerability in open-source software very seriously. If you have additional questions related to Dirty Pipe, please do not hesitate to contact us.
Ulrica de Fort-Menares is the Vice President of Product Management for Infrastructure Assurance.
Related content
Unlock DNS Redundancy with BlueCat Micetro’s xDNS
Discover how BlueCat Micetro’s xDNS Redundancy simplifies hybrid cloud DNS management, providing seamless redundancy, robust protection against DNS…
Three technical reasons to let go of legacy tools and unify your DDI
Learn with BlueCat how security by design, cloud integration, and API programmability offer three technical reasons to adopt Unified DDI.
Combine BlueCat Integrity with LiveAction network observability for total awareness
Shift to proactive, intelligent network operations when you combine a DDI foundation with network performance monitoring solutions.
Micetro simplifies hybrid cloud DNS and IP address management
Learn how Micetro can help you simplify and streamline DNS and IP address management across hybrid and multicloud environments.