Northwestern University researchers have discovered that DirtyCred, an eight-year-old Linux kernel exploitation concept that abuses the CVE-2022-2588 vulnerability for privilege escalation, is as severe as the Dirty Pipe vulnerability, tracked as CVE-2022-0847, The Hacker News reports.
According to the researchers, DirtyCred obtains privileges by exploiting the kernel's heap memory reuse mechanism: an in-use unprivileged credential is freed, a privileged credential is then allocated into the freed slot, and the attacker subsequently operates as the privileged user. They noted that the technique is more general and more flexible in functionality than Dirty Pipe.
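The following toy model, added here as an illustration and not code from the article, the researchers, or the Linux kernel, shows why the slot-reuse pattern described above matters and what the defensive counter-measure looks like. It assumes a simplified slab-style cache with a LIFO free list and a two-field stand-in for a credential object; the "separate caches for privileged and unprivileged credentials" mitigation it models is an assumption of this example, not something the article states the kernel does.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SLOTS 4

/* Toy credential object: uid 0 stands for "privileged". Constructed for
 * this example; it is not the kernel's struct cred. */
struct cred {
    unsigned uid;
    bool in_use;
};

/* Toy slab-style cache: fixed-size slots and a LIFO free list, so the slot
 * freed most recently is the first one handed out again. */
struct cache {
    struct cred slot[SLOTS];
    int free_stack[SLOTS];
    int nfree;
};

static void cache_init(struct cache *c)
{
    memset(c, 0, sizeof *c);
    for (int i = SLOTS - 1; i >= 0; i--)
        c->free_stack[c->nfree++] = i;      /* slot 0 ends up on top */
}

static struct cred *cache_alloc(struct cache *c, unsigned uid)
{
    if (c->nfree == 0)
        return NULL;
    struct cred *o = &c->slot[c->free_stack[--c->nfree]];
    o->uid = uid;
    o->in_use = true;
    return o;
}

static void cache_free(struct cache *c, struct cred *o)
{
    o->in_use = false;
    c->free_stack[c->nfree++] = (int)(o - c->slot);
}

/* The reuse pattern the article describes, with ONE shared cache: a task
 * holds a pointer to its unprivileged credential, that object is freed
 * while the pointer is still held, and the next privileged allocation
 * lands in the same slot. Returns true when the stale pointer now reads
 * as privileged. */
bool shared_cache_aliases(void)
{
    struct cache shared;
    cache_init(&shared);

    struct cred *mine = cache_alloc(&shared, 1000);   /* unprivileged */
    cache_free(&shared, mine);                        /* freed, pointer kept */
    struct cred *root = cache_alloc(&shared, 0);      /* privileged object */

    return root == mine && mine->uid == 0;
}

/* Mitigation modelled here (an assumption of this example): privileged and
 * unprivileged credentials come from separate caches, so a slot freed from
 * the unprivileged cache can never be refilled with a privileged object.
 * Returns true if aliasing still occurs, so false means isolation worked. */
bool isolated_caches_alias(void)
{
    struct cache unpriv_cache, priv_cache;
    cache_init(&unpriv_cache);
    cache_init(&priv_cache);

    struct cred *mine = cache_alloc(&unpriv_cache, 1000);
    cache_free(&unpriv_cache, mine);
    struct cred *root = cache_alloc(&priv_cache, 0);

    return root == mine || mine->uid == 0;
}

int main(void)
{
    printf("shared cache: stale pointer becomes privileged? %s\n",
           shared_cache_aliases() ? "yes" : "no");
    printf("isolated caches: stale pointer becomes privileged? %s\n",
           isolated_caches_alias() ? "yes" : "no");
    return 0;
}
```

The first function reproduces the hazard: because the cache does not care who the new occupant of a slot is, a stale reference to a freed unprivileged object silently becomes a reference to whatever is allocated next. The second function shows that segregating allocations by privilege level removes that aliasing regardless of which bug caused the premature free, which is why cache isolation (rather than patching each individual vulnerability) is the kind of structural defence a kernel hardening team would evaluate against this class of technique.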
"First, rather than being tied to a specific vulnerability, this exploitation method allows any vulnerabilities with double-free ability to demonstrate dirty-pipe-like ability. Second, while it is like the Dirty Pipe that could bypass all the kernel protections, our exploitation method could even demonstrate the ability to escape the container actively that Dirty Pipe is not capable of," added researchers.