CISA adds 7 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include Dirty Pipe Linux kernel vulnerability)

The Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Dirty Pipe vulnerability and a Windows zero-day patched earlier this month.

Dirty Pipe

CISA added a High severity privilege escalation vulnerability dubbed “Dirty Pipe” in Linux kernel to the Catalog. Researcher Max Kellermann discovered the Dirty Pipe vulnerability CVE-2022-0847 and said the vulnerability had existed in the Linux kernel since version 5.8.

Kellerman wrote in a blog post the vulnerability “allows overwriting data in arbitrary read-only files” and can “lead to privilege escalation because unprivileged processes can inject code into root processes.”

In April 29, 2021, Kellerman first filed a support ticket about file corruption. However, it was not until February 19, 2022 when the file corruption issue was identified as an exploitable Linux kernel vulnerability.

Other vulnerabilities

One of the other Catalog additions include a Critical vulnerability CVE-2022-29464 in WSO2 products that could allow unrestricted file upload and lead to remote code execution.

Another newly added Microsoft Windows User Profile Service Elevation of Privilege (EoP) vulnerability CVE-2022-26904 was one of two zero-days Microsoft patched earlier this month.

CISA also added another Microsoft EoP vulnerability CVE-2022-21919 that was patched in January 2022.

A full list of the most recently added exploited vulnerabilities as of April 15, 2022:

CVEVulnerability Name
CVE-2022-29464WSO2 Multiple Products Unrestrictive Upload of File Vulnerability
CVE-2022-26904Microsoft Windows User Profile Service Privilege Escalation Vulnerability
CVE-2022-21919Microsoft Windows User Profile Service Privilege Escalation Vulnerability
CVE-2022-0847Linux Kernel Privilege Escalation Vulnerability
CVE-2021-41357Microsoft Win32k Privilege Escalation Vulnerability
CVE-2021-40450Microsoft Win32k Privilege Escalation Vulnerability
CVE-2019-1003029Jenkins Script Security Plugin Sandbox Bypass Vulnerability

Related Articles