Security ID : QSA-22-05
Local Privilege Escalation Vulnerability in Linux (Dirty Pipe)
Release date : March 14, 2022
CVE identifier : CVE-2022-0847
Not affected products: QNAP NAS running QTS 4.x and QuTS hero h4.x
Affected products: All QNAP x86-based NAS and some QNAP ARM-based NAS running QTS 5.0.x, QuTS hero h5.0.x, and QuTScloud c5.0.x
Severity : High
Status : Resolved
Summary
A local privilege escalation vulnerability, also known as "Dirty Pipe", has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x, QuTS hero h5.0.x, and QuTScloud c5.0.x. If exploited, this vulnerability allows an unprivileged user to gain administrator privileges and inject malicious code.
The following operating system versions are affected:
- QTS 5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS
- QuTS hero h5.0.x on all QNAP x86-based NAS and certain QNAP ARM-based NAS
- QuTScloud c5.0.x
For a full list of the affected models, see the "Kernel Version 5.10.60" section at the following link: https://www.qnap.com/go/release-notes/kernel
QNAP NAS running QTS 4.x and QuTS hero h4.x are not affected.
We have already fixed the vulnerability in the following operating system versions:
- QTS 5.0.0.1986 build 20220324 and later
- QuTS hero h5.0.0.1986 build 20220324 and later
- QuTScloud c5.0.1.1998 and later
We will release a security update for QuTScloud as soon as possible.
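The affected and fixed versions above are easy to misread when triaging a fleet of NAS devices, so the following script encodes them as a check. It is an added example written for this advisory, not QNAP tooling: it parses firmware strings of the form shown in the advisory ("QTS 5.0.0.1986 build 20220324", "QuTS hero h5.0.0.1986 build 20220324", "QuTScloud c5.0.1.1998"), applies only the rules stated here (4.x not affected, 5.0.x affected until the listed builds), and reports ARM-based NAS on an affected version as "check model list" because the list of affected ARM models is on QNAP's kernel release-notes page rather than on this page. The inventory entries in the block are constructed sample values; only the two fixed builds come from the advisory.

```python
"""Triage helper for QSA-22-05 (CVE-2022-0847, Dirty Pipe) on QNAP NAS.

Added example, not QNAP's own tooling. It encodes only the version rules stated
in the advisory: QTS 4.x and QuTS hero h4.x are not affected; QTS 5.0.x, QuTS hero
h5.0.x and QuTScloud c5.0.x are affected until the listed fixed builds. Which ARM
models are affected is on QNAP's kernel release-notes page, not here, so ARM NAS
on an affected version are reported as "check model list".
"""
import re
from typing import NamedTuple, Optional, Tuple

# Product name, optional h/c prefix used by QuTS hero / QuTScloud, dotted version,
# optional "build YYYYMMDD" suffix (QTS and QuTS hero carry one, QuTScloud does not).
_FIRMWARE_RE = re.compile(
    r"^(QTS|QuTS hero|QuTScloud)\s+[hc]?(\d+(?:\.\d+)+)(?:\s+build\s+(\d{8}))?$"
)

# First fixed release per product, exactly as listed in the advisory.
FIXED_IN = {
    "QTS": ((5, 0, 0, 1986), 20220324),
    "QuTS hero": ((5, 0, 0, 1986), 20220324),
    "QuTScloud": ((5, 0, 1, 1998), None),
}


class Firmware(NamedTuple):
    product: str
    version: Tuple[int, ...]
    build: Optional[int]


def parse_firmware(text: str) -> Firmware:
    """Parse strings such as 'QuTS hero h5.0.0.1986 build 20220324'."""
    m = _FIRMWARE_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    product, version, build = m.groups()
    parts = tuple(int(p) for p in version.split("."))
    return Firmware(product, parts, int(build) if build else None)


def classify(text: str, arch: str = "x86") -> str:
    """Return 'not affected', 'affected', 'fixed', 'check model list' or 'not covered'."""
    fw = parse_firmware(text)
    major = fw.version[0]
    if major != 5:
        # The advisory clears 4.x for QTS and QuTS hero; other majors are not discussed.
        if major == 4 and fw.product in ("QTS", "QuTS hero"):
            return "not affected"
        return "not covered"

    fixed_version, fixed_build = FIXED_IN[fw.product]
    if fw.version > fixed_version:
        fixed = True
    elif fw.version < fixed_version:
        fixed = False
    elif fixed_build is None:
        fixed = True
    else:
        # Same version number as the fix: only the build date decides, and an entry
        # without one cannot be confirmed as patched, so it is treated as affected.
        fixed = fw.build is not None and fw.build >= fixed_build

    if fixed:
        return "fixed"
    # Only certain ARM models run the affected kernel; the model list is on QNAP's site.
    return "check model list" if arch == "arm" else "affected"


if __name__ == "__main__":
    # Constructed inventory entries; only the fixed builds are values from the advisory.
    inventory = [
        ("QTS 5.0.0.1900 build 20220101", "x86"),
        ("QTS 5.0.0.1986 build 20220324", "x86"),
        ("QuTS hero h5.0.0.1900 build 20220101", "arm"),
        ("QuTScloud c5.0.0.1900", "x86"),
        ("QTS 4.5.4.1800 build 20211001", "x86"),
    ]
    for fw, arch in inventory:
        print(f"{fw:40} {arch:4} -> {classify(fw, arch)}")
```

The version number alone is not enough for QTS and QuTS hero, because the fix is identified by both the version and the build date; an inventory entry that shows 5.0.0.1986 without a build date is therefore reported as affected until the date can be confirmed from the device.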
Recommendation
Currently there is no mitigation available for this vulnerability. We recommend that users check back and install security updates as soon as they become available.
Updating QTS, QuTS hero, or QuTScloud
- Log on to QTS, QuTS hero, or QuTScloud as administrator.
- Go to Control Panel > System > Firmware Update.
- Under Live Update, click Check for Update.
QTS, QuTS hero, or QuTScloud downloads and installs the latest available update.
Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.
Revision History:
V1.0 (March 11, 2022) - Published
V1.1 (March 23, 2022) - Security update for QuTS hero h5.0.x available
V1.2 (March 31, 2022) - Security update for QTS 5.0.0 available
V2.0 (May 11, 2022) - Modified security update information for QuTScloud c5.0.1