Computer Security & Cryptography
Every year, a substantial number of security threats and vulnerabilities reported in Linux operating systems. This research is exploring on one of those vulnerability which found in Linux kernel since version 5.8 known as Dirty Pipe, which permit to over writing the data in arbitrary read only files. This vulnerability working without write permission also works with immutable files, read only btrfs snapshots, and read only mounts including CD-ROM mounts. This happens because of page cache is writable by the kernel always. This will be more beneficial for attackers to perform local privilege escalation. In this research analyze the exploitation of Dirty Pipe vulnerability and its origin and discuss mitigation methods for this vulnerability.