Safeguard
Tag

linux-kernel

Safeguard articles tagged "linux-kernel" — guides, analysis, and best practices for software supply chain and application security.

7 articles

Vulnerability Analysis

Dirty Pipe (CVE-2022-0847) Explained: Overwriting Read-Only Files in the Linux Kernel

CVE-2022-0847, Dirty Pipe, let unprivileged users overwrite data in read-only files through an uninitialized pipe flag — a clean path to root. Here is the page-cache mechanism behind it.

Jul 6, 20265 min read
Vulnerability Analysis

Dirty COW Linux kernel privilege escalation (CVE-2016-5195)

Dirty COW (CVE-2016-5195) let local attackers hijack a kernel race condition for root. Nine years old, still found in fleets — here's how to find and fix it.

Jan 10, 20268 min read
Vulnerability Analysis

Dirty Pipe Linux kernel arbitrary write (CVE-2022-0847)

Dirty Pipe (CVE-2022-0847) lets local attackers overwrite read-only files via a pipe buffer flaw, enabling fast, reliable root escalation on Linux and Android.

Jan 10, 20268 min read
Vulnerability Analysis

Linux cgroups release_agent container escape (CVE-2022-0492)

CVE-2022-0492 lets containers with CAP_SYS_ADMIN escape via cgroup v1's release_agent. Impact, timeline, and concrete remediation steps inside.

Jan 9, 20267 min read
Vulnerability Analysis

Linux AF_PACKET privilege escalation (CVE-2020-14386)

CVE-2020-14386 lets a local attacker with CAP_NET_RAW corrupt Linux kernel heap memory via AF_PACKET and escalate privileges. Here's the fix and impact.

Jan 8, 20268 min read
Open Source Security

Linux Kernel Supply Chain Security: How the World's Largest Project Protects Itself

The Linux kernel is the most critical open source project on earth. Its supply chain security practices offer lessons for every project, but also reveal challenges that scale creates.

Sep 8, 20227 min read
Vulnerability Analysis

Dirty Pipe (CVE-2022-0847): A Deep Dive into the Linux Kernel Vulnerability

Dirty Pipe allowed any local user to overwrite data in read-only files, including SUID binaries, leading to trivial root escalation. The bug was elegant, dangerous, and surprisingly recent.

Mar 7, 20225 min read
linux-kernel — Safeguard Blog