Dirty Pipe flaw also attacks containers
The Dirty Pipe flaw, which affects Linux and Android distributions, can also be used to attack containerized environments, researchers say.
The dangerous Linux privilege escalation flaw dubbed Dirty Pipe, disclosed recently, could also affect applications and systems that rely on containerization through tools such as Docker, researchers warn. It follows another vulnerability fixed last week that may likewise put containers at risk. Dirty Pipe “could grant an attacker the ability to effectively modify containers that run on a shared image, or compromise an image on a host so that new containers receive modified files,” Rory McCune, a researcher at cloud security vendor Aqua Security, wrote in a blog post.
The origin of Dirty Pipe
The Dirty Pipe vulnerability, tracked as CVE-2022-0847, lies in the Linux kernel's implementation of pipes, an inter-process communication mechanism through which one process sends data to another. A process opens a pipe and writes data to it; the kernel holds that data in a buffer until a different process reads it from the other end.
Max Kellermann, a developer at the software company CM4all, discovered the flaw while investigating reports of file corruption from users of an HTTP server he developed. After ruling out every possible cause in his own software, the investigation led him to the Linux kernel, where he found a commit included in kernel version 5.8 that unintentionally changed the behavior of the pipe mechanism.
It turns out the problem can be exploited in a controlled way to inject arbitrary data into, and thereby write to or modify, files that should not be writable by the user opening the pipe, such as read-only files. “When I realized what the real problem was, I was able to discover more: it is possible to overwrite the page cache even in the absence of writes, without time constraints, and with (almost) arbitrary positions and arbitrary data,” Kellermann said in his write-up. He published a proof-of-concept exploit showing how a read-only file can be overwritten through the bug, whose impact resembles that of Dirty COW (CVE-2016-5195), a vulnerability found in 2016 in the Linux copy-on-write mechanism. Other researchers took the exploit further and showed how easily it can be used to modify protected files and gain root, the highest privilege on Linux systems.
The flaw affects all Linux-based systems running kernel version 5.8 or later, including Android. Distributions and Google have released patches (upstream, the fix landed in 5.16.11, 5.15.25 and 5.10.102), which should be installed as soon as possible. The vulnerability is rated high severity, but it is particularly dangerous on systems such as shared web hosting servers where many customers have low-privileged accounts with shell access.
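To make the mechanism concrete, here is a small added example (not part of the original article, and not Kellermann's or Aqua Security's code) that pushes a message through a pipe from a child process to its parent, checks that the read end really is read-only, and reports the size of the kernel buffer that holds in-flight pipe data. It illustrates the legitimate IPC path, not the bug. The function names are my own; `F_GETPIPE_SZ` is Linux-specific and the block returns -1 for the buffer size where it is unavailable.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Send msg from a child process to the parent through a pipe.
 * The child may exit long before the parent reads: the bytes sit in the
 * kernel's pipe buffer until they are consumed.
 * Returns the number of bytes the parent read (NUL-terminated in out), or -1. */
ssize_t pipe_roundtrip(const char *msg, char *out, size_t outlen)
{
    int fds[2];                       /* fds[0] = read end, fds[1] = write end */
    if (outlen == 0 || pipe(fds) == -1) return -1;

    pid_t pid = fork();
    if (pid == -1) return -1;

    if (pid == 0) {                   /* child: producer */
        close(fds[0]);
        const char *p = msg;
        size_t len = strlen(msg);
        while (len > 0) {
            ssize_t n = write(fds[1], p, len);
            if (n == -1) _exit(1);
            p += n;
            len -= (size_t)n;
        }
        close(fds[1]);                /* last writer closing = EOF for the reader */
        _exit(0);
    }

    /* parent: consumer */
    close(fds[1]);                    /* parent must drop its write end or read() never sees EOF */
    size_t total = 0;
    while (total + 1 < outlen) {
        ssize_t n = read(fds[0], out + total, outlen - 1 - total);
        if (n == 0) break;            /* EOF: every writer has closed */
        if (n == -1) {
            if (errno == EINTR) continue;
            close(fds[0]);
            return -1;
        }
        total += (size_t)n;
    }
    out[total] = '\0';
    close(fds[0]);
    int status;
    waitpid(pid, &status, 0);
    return (ssize_t)total;
}

/* The read end of a pipe is opened read-only: the kernel rejects write() on it with EBADF. */
int write_to_read_end_fails(void)
{
    int fds[2];
    if (pipe(fds) == -1) return 0;
    ssize_t n = write(fds[0], "x", 1);
    int err = errno;
    close(fds[0]);
    close(fds[1]);
    return n == -1 && err == EBADF;
}

/* Capacity of the kernel buffer backing a fresh pipe (Linux default: 16 pages, 65536 bytes). */
long default_pipe_buffer_size(void)
{
    int fds[2];
    if (pipe(fds) == -1) return -1;
#ifdef F_GETPIPE_SZ
    long sz = fcntl(fds[0], F_GETPIPE_SZ);
#else
    long sz = -1;                     /* not queryable on this platform */
#endif
    close(fds[0]);
    close(fds[1]);
    return sz;
}

int main(void)
{
    char buf[128];
    ssize_t n = pipe_roundtrip("hello through the kernel", buf, sizeof buf);
    printf("read %zd bytes: \"%s\"\n", n, buf);
    printf("write on the read end fails with EBADF: %s\n", write_to_read_end_fails() ? "yes" : "no");
    printf("pipe buffer size: %ld bytes\n", default_pipe_buffer_size());
    return 0;
}
```

The point to take from the block is the split between the two ends: user space gets a write-only and a read-only descriptor, and everything in between is kernel memory. Dirty Pipe is a flaw in how that kernel-side buffer is bookkept, which is why no unusual privileges are needed to reach it.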
Containers already under pressure
Linux containers are powerful and allow applications to be isolated from the host system without hypervisor-based virtualization. A core feature of these container systems is the use of a read-only base image (file system) from which multiple containers are spun up; each container then uses a layered file system to store the changes specific to it. The original image underlying all of those containers is meant to remain intact.
According to Rory McCune, the Dirty Pipe exploit gives attackers the ability to violate this integrity by making changes to the base image from inside a container, which affects every other container started from the same image. “This exploit can also affect existing containers,” the Aqua Security researcher says. “For example, if you had a host with 10 nginx containers using a shared image, and the attacker modifies the nginx.conf file in one, it will instantly modify the files in the others as well, as long as they are still using the file from the underlying image.” Additionally, container systems allow file system volumes from the host to be mounted into containers as read-only. By exploiting Dirty Pipe, an attacker with access to a container could modify the data behind these read-only mounts.
Another privilege escalation vulnerability patched last week, tracked as CVE-2022-0492, affects control groups (cgroups), a fundamental building block of containers. Exploiting it can lead to a container escape on systems that do not use additional hardening such as AppArmor, SELinux or seccomp. “While Docker will enable AppArmor and seccomp by default, Kubernetes has disabled the seccomp profile by default,” McCune noted in a separate analysis. “So for Kubernetes, this needs to be re-enabled in each workload or at the cluster level using mutating admission controllers like OPA Gatekeeper or Kyverno.”
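As an added example (not from McCune's analysis or from Aqua Security), the following manifest shows the weak Kubernetes configuration beside the corrected one, followed by a cluster-level Kyverno policy that rejects Pods which leave seccomp unset. The names `web-unconfined`, `web-hardened` and `require-pod-seccomp`, and the `nginx:1.21` image tag, are illustrative; the policy is written against the Kyverno v1 `ClusterPolicy` schema and should be checked against the Kyverno version in use.

```yaml
# Weak: no seccompProfile, so on Kubernetes this Pod runs Unconfined,
# even though the same image under plain Docker would get the default profile.
apiVersion: v1
kind: Pod
metadata:
  name: web-unconfined
spec:
  containers:
    - name: nginx
      image: nginx:1.21
---
# Corrected: opt the whole Pod into the container runtime's default seccomp profile.
apiVersion: v1
kind: Pod
metadata:
  name: web-hardened
spec:
  securityContext:
    seccompProfile:
      type: RuntimeDefault
  containers:
    - name: nginx
      image: nginx:1.21
      securityContext:
        allowPrivilegeEscalation: false
---
# Cluster-level enforcement: reject any Pod that does not set a seccomp profile.
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: require-pod-seccomp
spec:
  validationFailureAction: Enforce
  background: true
  rules:
    - name: require-pod-seccomp
      match:
        any:
          - resources:
              kinds:
                - Pod
      validate:
        message: "Set spec.securityContext.seccompProfile.type to RuntimeDefault or Localhost."
        pattern:
          spec:
            securityContext:
              seccompProfile:
                type: "RuntimeDefault | Localhost"
```

With the policy applied, `kubectl apply` of `web-unconfined` is refused at admission while `web-hardened` is accepted. A validate rule is shown because it makes the omission visible; Kyverno can equally mutate the field into every Pod, which is the approach McCune's quote refers to. Newer Kubernetes releases (1.27 and later) can also make `RuntimeDefault` the cluster-wide default through the kubelet `--seccomp-default` flag, but setting it per workload is the portable fix.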