Thursday, March 17, 2022

QNAP Network Attached Storage (NAS) high severity Linux vulnerability

 QNAP is notifying users that Network Attached Storage (NAS) devices are impacted by the high severity Linux vulnerability dubbed “Dirty Pipe” that allows attackers with local access to gain root privileges. 

Dirty Pipe a vulnerability was discovered in the Linux kernels' handling of pipe buffer flags affecting Linux kernel versions 5.8 and later as well as some Android kernel versions. CVE-2022-0847 (CVSS v3 7.8), may allow a non-privileged user to overwrite data in arbitrary read-only files and SUID binaries. Successful exploitation of this vulnerability may allow for root privilege escalation through the editing of administrative files such as /etc/passwd and SUID programs. 

Proof of Concept (PoC) exploits have been made publicly available. Although a patch was released for the flaw, QNAP states that there is no mitigation available at this time, further recommending that users install the security updates as soon as possible. Impacted NAS devices comprise of those running QTS 5.0.x and QuTS hero h5.0.x, including: QTS 5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS; and QuTS hero h5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS.

To learn more go here