QNAP Warns Against 'Dirty Pipe' Linux Flaw That Affects Several NAS Devices
Here’s a look at what you need to know
- QNAP has issued an advisory about a new Dirty Pipe Linux vulnerability that affects a wide range of Network Attached Storage (NAS) devices.
- It allows attackers to overwrite data in arbitrary read-only files.
- The Dirty Pipe security flaw affects all NAS devices running kernel version 5.10.60.
- QNAP plans to release security updates soon to address this vulnerability.
QNAP, a company specializing in developing networking solutions, has issued an advisory about a new Linux vulnerability that affects most of its Network Attached Storage (NAS) devices. The company warned that this high severity Linux exploit called “Dirty Pipe” could be abused by attackers to gain root privileges on affected systems.
The Dirty Pipe vulnerability, tracked as CVE-2022-0847, was discovered by a security researcher by Max Kellermann back in April 2021. It allows non-privileged users to overwrite data in arbitrary read-only files, leading to local privilege escalation. The attacker can exploit this vulnerability to carry out various malicious actions such as creating unauthorized user accounts, installing backdoors, injecting code into scripts, and altering binaries used by privileged apps or services.
Essentially, the security vulnerability resides in a Linux mechanism called pipeline, which the OS uses for unidirectional communication between processes. The flaw has since been fixed in the latest Linux kernel versions, but it could potentially target devices running Linux kernel version 5.8 or newer.
The Dirty Pipe flaw affects all QNAP NAS devices running QTS 5.0.x and QuTS hero h5.0.x
QNAP says that the Dirty Pipe exploit affects all devices running QTS 5.0.x and QuTS hero h5.0.x, and you can check out the full list of all affected models in the release notes for Kernel Version 5.10.60.
“If exploited, this vulnerability allows an unprivileged user to gain administrator privileges and inject malicious code,” QNAP explained in a security advisory. “Currently there is no mitigation available for this vulnerability. We recommend users to check back and install security updates as soon as they become available.”
The company has advised all users to wait for its security patches that should help to mitigate the vulnerability on Network Attached Storage (NAS) devices. Meanwhile, it recommends that users with Internet-exposed NAS devices should disable the “Port Forwarding function of the router” and the “UPnP function of the QNAP NAS,” at least until a fix is available.
More in Security
Microsoft Entra ID Governance Service is Now Generally Available
Jun 7, 2023 | Rabia Noureen
Google Workspace Introduces Passkey Support to Protect Users Against Phishing Attacks
Jun 7, 2023 | Rabia Noureen
Microsoft Discloses New 'Migraine' Flaw That Bypasses Built-In Protections on macOS
Jun 1, 2023 | Rabia Noureen
Microsoft Warns Chinese Volt Typhoon Hacking Group Infects Critical US Infrastructure
May 26, 2023 | Rabia Noureen
Microsoft Entra Introduces New Identity and Access Management Capabilities
May 24, 2023 | Rabia Noureen
New Microsoft 365 Defender Feature Automatically Blocks Adversary-in-the-Middle Campaigns
May 18, 2023 | Rabia Noureen
Most popular on petri