"Dirty Pipe" Linux vulnerability

Etorix

Etorix

Wizard
Joined
Dec 30, 2020
Messages
2,134
A critical vulnerability has been found in Linux kernels from 5.8 to 5.16.11/5.15.25/5.10.102.

arstechnica.com

Linux has been bitten by its most high-severity vulnerability in years

Dirty Pipe has the potential to smudge people using Linux and Linux derivitives.
arstechnica.com arstechnica.com

As of TrueNAS SCALE 2.02.2, the console reports "5.10.93+truenas", so I guess SCALE is an affected "Linux derivative". Correct?
 
Kris Moore

Kris Moore

SVP of Engineering
Administrator
Moderator
iXsystems
Joined
Nov 12, 2015
Messages
1,471
Yes, we'll be looking at scheduling a fix here in the near future. However this exploit does require the user already have local shell access, not a remote exploit that I can see. So be sure to secure your SSH sessions to only trusted users in the meantime.
 
E

elvisimprsntr

Guru
Joined
Jun 2, 2019
Messages
591
Latest nightly is running newer kernel.


TrueNAS-SCALE-22.12-MASTER-20220310-132924
Click to expand...

Code:
root@NAS-3[~]# uname -a
Linux NAS-3 5.10.103+truenas #1 SMP Tue Mar 8 20:31:49 UTC 2022 x86_64 GNU/Linux
 
You must log in or register to reply here.

Similar threads

H
Is Scale Affected by Dirty Pipe Exploit?
Replies
4
Views
1K
elvisimprsntr
E
G
How to make GPU allocatable
2
Replies
33
Views
17K
odoyle
odoyle
J
vulnerability scanning tool and interpretation/impact of results
Replies
1
Views
752
Patrick M. Hausen
Patrick M. Hausen
JoshDW19
Blog First Official RELEASE of TrueNAS on Linux!
Replies
0
Views
4K
JoshDW19
JoshDW19
5
TrueNAS-SCALE-22.02.4 iSCSI w/ vSphere 7 hosts fail to create VMFS/path issues
Replies
6
Views
3K
Jaehoon Choi
J
Top