Earticle

초록

영어

In this study, we wanted to examine the new vulnerability ‘Dirty Pipe’ that is founded in Linux kernel. how it’s exploited and what is the limitation, where it’s existed, and overcome techniques and analysis of the Linux kernel package. The study of the method used the hmark[1] program to check the vulnerabilities. Hmark is a whitebox testing tool that helps to analyze the vulnerability based on static whitebox testing and automated verification. For this purpose of our study, we analyzed Linux kernel code that is downloaded from an open-source website. Then by analyzing the hmark tool results, we identified in which file of the kernel it exists, cvss level, statistically depicted vulnerabilities on graph which is easy to understand. Furthermore, we will talk about some software we can use to analyze a vulnerability and how hmark software works. In the case of the Dirty Pipe vulnerability in Linux allows non-privileged users to execute malicious code capable of a host of destructive actions including installing backdoors into the system, injecting code into scripts, altering binaries used by elevated programs, and creating unauthorized user profiles. This bug is being tracked as CVE-2022-0847 and has been termed "Dirty Pipe"[2] since it bears a close resemblance to Dirty Cow[3], and easily exploitable Linux vulnerability from 2016 which granted a bad actor an identical level of privileges and powers.

목차

Abstract
1. Introduction
2. Exploit and Limitation
3. Measurement Tools and Analysis Method
4. Countermeasures and Conclusion
REFERENCES

키워드

저자

• Saurav Tanwar [ Student, Division of Computer Science & Engineering, Sahmyook Univ., Korea ]
• Hee Wan Kim [ Prof., Division of Computer Science & Engineering, Sahmyook Univ., Korea ] Corresponding author

참고문헌

발행기관

간행물

표지보기 관심저널 등록

• 간행물명

  International Journal of Internet, Broadcasting and Communication

• 간기

  계간

• pISSN

  2288-4920

• eISSN

  2288-4939

• 수록기간

  2009~2025

• 십진분류

  KDC 326 DDC 380