3 comments

[ 2.8 ms ] story [ 20.7 ms ] thread
' Dirty Pipe ' allows local-users to gain root-privileges through publicly available exploits.

Is there any chance this can be remote-exploited?

I think you would need a pipe reading from (using splice) a file you're not supposed to write to, which also accepts your input, which you're very unlikely to find, and you would only be able to modify the file being read.
Check your machines, issue is fixed in 5.16.11, 5.15.25, and 5.10.102