A new privilege escalation vulnerability in the Linux kernel (CVE-2022-0847, dubbed “Dirty Pipe”) can be easily exploited by local unprivileged users on unpatched systems to run as root. This ubiquitous vulnerability was disclosed along with a POC exploit, and others are now available.
This brief Security Flash video with Casey Ellis (Founder, Chairman, and CTO of Bugcrowd) and Adam Foster (Application Security Engineer at Bugcrowd) dives deep on the subject, answering questions such as:
Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.