QNAP Warns Severe Linux Bug Affects Most Of Its NAS Devices

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

bug bounty

In Local Privilege Escalation Vulnerability in Linux (Dirty Pipe), Taiwanese hardware vendor QNAP is reporting that most of its (NAS) devices are vulnerable to a high severity Linux vulnerability which allows local access users to gain root privileges. Excerpts:

A local privilege escalation vulnerability, also known as “dirty pipe”, has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x.

Currently there is no mitigation available for this vulnerability. We recommend users to check back and install security updates as soon as they become available.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Working With Us

Write For Us

The Pages