CVE-2022-0847-DirtyPipe-Exploit icon indicating copy to clipboard operation
CVE-2022-0847-DirtyPipe-Exploit copied to clipboard

Published 20 hours ago verified publisher icon Arinerron

Does not work on Redhat 7.

Open hackdefendr opened this issue 3 years ago • 3 comments

Tested on a vanilla VM and a configured image, both running Redhat 7. Authentication fails for both, so the exploit does not work.

Note: Any claims that CrowdStrike allows this exploit are 100% false.

hackdefendr avatar Mar 08 '22 21:03 hackdefendr

Can you send the output of uname -a and head -n1 /etc/passwd after running the exploit please?

Arinerron avatar Mar 09 '22 06:03 Arinerron

I'm thinking that because RHEL 7 still runs a v3 Kernel is why this is not working.

$ ./exploit

Backing up /etc/passwd to /tmp/passwd.bak ...
Setting root password to "aaron"...
Password: su: Authentication failure

$ uname -a Linux 3.10.0-1160.53.1.el7.x86_64 #1 SMP Thu Dec 16 10:19:28 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

$ head -n1 /etc/passwd root:x:0:0:root:/root:/bin/bash

hackdefendr avatar Mar 09 '22 15:03 hackdefendr

Yes, your kernel version is not vulnerable. The vulnerability affects kernel releases from 5.8 onwards.

rewks avatar Mar 09 '22 16:03 rewks