Cobra Forum

Linux Specialised Support => Security => Topic started by: kalpana on Nov 06, 2023, 03:46 AM

Title: Ubuntu and Dirty Pipe
Post by: kalpana on Nov 06, 2023, 03:46 AM
So, you probably have heard about the latest privilege escalation vulnerability in the Linux kernel:
https://dirtypipe.cm4all.com/

Vulnerability was first introduced in Linux 4.9, got more easy to exploit in Linux 5.8, and was fixed in Linux 5.16.11, 5.15.25, 5.10.102.

Ubuntu 20.04.4 LTS uses Linux 5.4.0

Since I can't seem to find an Ubuntu security advisory about this, is Ubuntu 20.04.4 LTS effected? I think with kernel 5.4.0 we have to assume it is effected. Has it already been patched before the public announcement? If so, what exact package version contains the fix?

(Apparently, 5.4.0.100.104 seems to be the latest kernel image available on Ubuntu 20.04.4 LTS at this time)

Thank you and regards.