Linux Dirty Pipe vulnerability

A heads up. Spotted in my news feed. Applicable to many Linux distros.
IPFire needs to go to kernel 5.15.25 to include fix.

1 Like

Thanks for the heads up. This was flagged up by one of the devs in the monthly conf call yesterday.

Replacing the kernel in CU 164 at this late stage is unlikely to occur due to the unavailability of the IPFire kernel guru at this point in time.
However the patch fix for the bug is quite simple and so it is being looked at to add this as a last minute fix to CU164

Bear in mind that to execute the bug you need access to IPFire so the hacker would need to have the root password or potentially the admin password and access to IPFire via the Console or potentially the WUI.


This is now patched and scheduled for c164: Git - ipfire-2.x.git/commitdiff

Unfortunately our ARM builders are down, so we might need an extra day for a release.


The file corruption issue caused by the bug is probably more important than the security implication as you say.

Keep up the good work!