32.Lock Code Circular

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference.

 

Zhenpeng Lin, a PhD student, and a team of researchers worked on an alternative approach to the infamous Dirty Pipe vulnerability that affected Linux kernel versions 8 and later.

Dity Pipe is a major flaw that allows attackers to elevate least-privileged accounts to the maximum level (root) by exploiting the way the kernel uses pipes to pass data. Attackers can use it to modify system files and inject arbitrary code that gets executed as root on vulnerable machines.