CVE-2022-0847 "Dirty Pipe"

Is OpenWrt vulnerable, and how to patch?

OpenWrt 21.02 is on kernel 5.4, so not vulnerable. Snapshots are now on 5.10.103, so as long as you are running a snapshot based on 5.10.102 or greater, you should be OK.


As long as you have no one having shell access to your router, and is not exposed to the internet you will be fine.

I believe a successful exploit requires a local shell user which is not already root. Strangely enough that is rarelely specified by these security researchers :slight_smile: Anyway, it makes OpenWrt systems invulnerable to most local root exploits.

Much the same way Windows used to be invulnerable, but...