Local Privilege Escalation Vulnerability in Linux (Dirty Pipe)

Summary

A local privilege escalation vulnerability, also known as "dirty pipe", has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x, QuTS hero h5.0.x, and QuTScloud c5.0.x. If exploited, this vulnerability allows an unprivileged user to gain administrator privileges and inject malicious code.

The following operating system versions are affected:

• QTS 5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS
• QuTS hero h5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS
• QuTScloud c5.0.x

For a full list of the affected models, please check "Kernel Version 5.10.60" in the following link: https://www.qnap.com/go/release-notes/kernel

QNAP NAS running QTS 4.x and QuTS hero h4.x are not affected.

We have already fixed the vulnerability in the following operating system versions:

• QTS 5.0.0.1986 build 20220324 and later
• QuTS hero h5.0.0.1986 build 20220324 and later
• QuTScloud c5.0.1.1998 and later

We will release a security update for QuTScloud as soon as possible.

Recommendation

Currently there is no mitigation available for this vulnerability. We recommend users to check back and install security updates as soon as they become available.

Updating QTS, QuTS hero, or QuTScloud

1. Log on to QTS, QuTS hero, or QuTScloud as administrator.
2. Go to Control Panel > System > Firmware Update.
3. Under Live Update, click Check for Update.
   QTS, QuTS hero, or QuTScloud downloads and installs the latest available update.

Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.