all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Dirty Pipe Container Escape PoC

Add to bookmarks
March 25, 2022, midnight |

Datadog Security Labs securitylabs.datadoghq.com

The Dirty Pipe vulnerability is a flaw in the Linux kernel that allows an unprivileged process to write to any file it can read, even if it does not have write permissions on this file. This primitive allows for privilege escalation, for instance by overwriting the /etc/passwd file with a new admin user.




Exploiting Dirty Pipe to add a privileged user to the system by writing to the /etc/passwd file

This vulnerability could be used for breaking out from unprivileged …

container container escape dirty pipe escape poc

Visit resource

More from securitylabs.datadoghq.com / Datadog Security Labs

Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover 2 weeks, 3 days ago | securitylabs.datadoghq.com
amplify aws disclosure exposed +11
The XZ Utils backdoor (CVE-2024-3094): Everything you need to know, and more 4 weeks, 1 day ago | securitylabs.datadoghq.com
ages backdoor backdoors cve +9
A threat-informed roadmap for securing Kubernetes clusters (KubeCon EU 2024) 1 month, 1 week ago | securitylabs.datadoghq.com
attacks clusters controls kubecon +8
Tales from the cloud trenches: Using malicious AWS activity to spot phishing campaigns 1 month, 2 weeks ago | securitylabs.datadoghq.com
aws campaign campaigns cloud +5
Kubernetes security fundamentals: Authentication 2 months, 2 weeks ago | securitylabs.datadoghq.com
authentication fundamentals kubernetes kubernetes security +1
An analysis of a TeamTNT doppelgänger 3 months ago | securitylabs.datadoghq.com
analysis api api endpoints backdoors +7
Tales from the cloud trenches: Amazon ECS is the new EC2 for crypto mining 3 months, 1 week ago | securitylabs.datadoghq.com
amazon amazon ecs attacks aws +11
From IRC to Instant Messaging: The Rise of Malware Communication via Chat Platforms 3 months, 3 weeks ago | securitylabs.datadoghq.com
chat communication datadog instant messaging +9
Highlights from Datadog Security Labs in 2023 3 months, 4 weeks ago | securitylabs.datadoghq.com
datadog labs security

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs