Posts by Gergely Eberhardt

IT security expert. I love tinkering with anything that is built from multiple parts.

Gergely Eberhardt

To initialize or not to initialize - the dirty pipe vulnerability

Around February 2022, an innocent-looking Linux kernel vulnerability corrupted some log files. Digging in and analyzing the root causes led to discovering the dirty pipe vulnerability. This allows attackers with local access to escalate to root. Oh no, was it an overflow again? Not this time; read on to find out!