A week ago a new security flaw in the Linux Kernel came to light, this security flaw affects Linux Kernel 5.8 and later versions, including Android devices and any operating system that uses a Linux system as a base. If an attacker is able to exploit this security flaw, they could gain administrator privileges on the system, thus injecting commands and taking full control of the computer. The manufacturer QNAP has warned on its official website of this security flaw in the Linux Kernel and very soon we will have an emergency update to fix it.
What does this vulnerability called Dirty Pipe do?
The Dirty Pipe security bug affects Linux versions 5.8 and later, so a huge number of devices, including any Android running the latest version, are affected. This also includes the vast majority of NAS servers whose operating systems are based on Linux. This security flaw allows root permissions to be obtained, so they could have full control over the operating system. The security researcher who discovered this flaw also published a proof of concept where local users are allowed to modify settings and escalate privileges to gain administrator permissions. This vulnerability is similar to Dirty COW from 2016, although back then this security flaw was more difficult to exploit.
This security flaw is present on any operating system using Linux Kernel 5.8 or later, such as QNAP NAS servers. As far as we have been able to find out, neither Synology nor ASUSTOR NAS are affected because they use older versions of Linux, so they have been spared from this security flaw. Currently this bug is already corrected in Linux versions 5.16.11, 5.15.25 and 5.10.102 , so it is very important that you update your computers as soon as possible to the latest Kernel version so that you are not affected.
The manufacturer QNAP with the new operating system QTS 5.0 and QuTS hero 5.0, decided to update the Linux Kernel to the latest available versions, with the aim of providing its customers with the best security and also the best possible performance, as explained above. in this article. In this case, this bug affects these latest versions, it is not a security bug of the operating system itself but of the Linux Kernel, in fact, even Android devices are affected by this bug.
QTS and QuTS hero update?
Although this security flaw was fixed last week, the QNAP team is working on updating its QTS OS and QuTS hero with the new Kernel version that fixes these security flaws. In the notice that QNAP has released on its official website, they explain that if this vulnerability is exploited, an unprivileged user could obtain administrator permissions and execute any action. It is very important that the manufacturer releases an update as soon as possible, because this could trigger new ransomware to affect your devices.
Right now there is no possible mitigation for this flaw through your Malware Remover security software, because it is a flaw that is part of the Linux Kernel. This bug affects any manufacturer’s NAS server running QTS 5.0.X and also QuTS hero h5.0.X, i.e. the latest versions of the popular operating system. Additionally, certain ARM-based NAS servers are also affected by this security flaw. Onthis website you can see all the NAS affected by this security flaw in the “Kernel 5.10.60” section, NAS servers that use Kernel version 4.2.8 would not be affected by this security flaw.
What can I do to avoid problems?
If you have your NAS server accessible from the Internet, the first recommendation is to disconnect it from the Internet and not connect to it, unless you use the QVPN VPN server that we can install. Therefore, it is essential that you do the following:
- Disable the NAS server’s UPnP from automatically opening ports.
- Disable the NAS port forwarding rules on your router, except the VPN rule if you want to access remotely.
In this article we have a complete tutorial on how to protect your QNAP NAS server from attacks , it is very important that you follow all the recommendations step by step to be protected and not have problems.
Very soon the manufacturer QNAP will release an update to its QTS and QuTS hero operating systems where they will update the kernel to solve this root error, for now it’s time to wait a few more days, we will keep you informed.
