CVE Series: Dirty Pipe (CVE-2022-0847)

Course Description

Our Dirty Pipe (CVE-2022-0847) course is designed for defensive and offensive security professionals. Seasoned penetration testers, red teamers, security and vulnerability analysts, and system administrators will learn how to protect against this critical vulnerability and exploit it in their testing activities. You will need a functional understanding of Linux OS and the command line to practice techniques for exploiting the Dirty Pipe vulnerability with publicly available exploit code.

The Dirty Pipe vulnerability was publicly disclosed on March 7th, 2022, when a log file corruption problem was identified as a Linux kernel bug. Any Linux kernel since 5.8 is vulnerable to the Dirty Pipe attack, including Android mobile devices. As a result, the Dirty Pipe vulnerability has earned a high CVSS score of 7.8.

Following in the footsteps of other privilege escalation vulnerabilities like the Polkit, and local kernel flaws like Dirty Cow, this newly disclosed Dirty Pipe attack is dangerous and easier for adversaries to exploit. The bug lies in the pipeline where an OS process can transfer data to another. Researchers have found that any user can use an SSH key to quickly escalate privileges and gain root access in minutes. With these privileges, the adversary can do a lot of damage, such as execute ransomware attacks, collect and exfiltrate sensitive data, and destroy assets.

So what can you do about this critical vulnerability? Our course discusses the official patch released by the major Linux distros and what security professionals should consider as more research develops on mitigation strategies. Get hands-on experience exploiting this vulnerability in a secure virtual lab environment and develop the skills you need to protect your environment.

After completing this course, you will be able to:

This course is taught by Raymond Evans, a member of the CyDefe team. CyDefe develops and operates capture-the-flag (CTF) style environments, and this course focuses on presenting learners with virtual labs where you can dirctly apply what you’ve learned.

This on-demand course gives you the hands-on experience needed to protect and defend your organization against the critical Dirty Pipe vulnerability. In one hour, offensive and defensive security professionals can become more prepared to defend their organization against what researchers are saying is one of the most dangerous threats to hit Linux distributions in over five years. In this course, you will see just how quick and easy it is to exploit this vulnerability from the perspective of an adversary. After completing your training, you will be able to not only exploit and mitigate this critical vulnerability, but also describe its significance to organizational stakeholders.

Understand the Dirty Pipe vulnerability and its root cause.

Understand the Dirty Pipe vulnerability and its root cause.

Identify the Dirty Pipe vulnerability, detect exploits, and determine if your organization is impacted by this Linux kernel flaw.

Identify the Dirty Pipe vulnerability, detect exploits, and determine if your organization is impacted by this Linux kernel flaw.

Communicate the potential impact to stakeholders across your organization.

Exploit this vulnerability using publicly available exploit code.

Execute various mitigation tactics to reduce risk.

Remediate this vulnerability on both Linux systems and Android devices.

Share effective exploitation and mitigation strategies.

This on-demand course gives you the hands-on experience needed to protect and defend your organization against the critical Dirty Pipe vulnerability. In one hour, offensive and defensive security professionals can become more prepared to defend their organization against what researchers are saying is one of the most dangerous threats to hit Linux distributions in over five years. In this course, you will see just how quick and easy it is to exploit this vulnerability from the perspective of an adversary. After completing your training, you will be able to not only exploit and mitigate this critical vulnerability, but also describe its significance to organizational stakeholders.

Module 1: Dirty Pipe Exploitation

Module 2: Dirty Pipe Mitigation