# DirtyPipe Enables Critical Attacks on Container Environments

By [Yuval Avrahami](https://www.paloaltonetworks.com/blog/author/yuval-avrahami/?ts=markdown "Posts by Yuval Avrahami"), Mar 14, 2022

On Mar. 3rd, Linux publicly disclosed [DirtyPipe](https://dirtypipe.cm4all.com/), a critical kernel vulnerability introduced in Linux 5.8 and tracked as CVE-2022-0847.
Unprivileged local attackers can exploit DirtyPipe to take over a vulnerable machine by injecting code into root processes, or by overwriting read-only, immutable, or root-owned files.

The vulnerability is relatively easy to exploit and enables significant attacks against container environments. Malicious containers can exploit DirtyPipe to overwrite their image on the underlying host. This may allow them to compromise both current and future neighboring containers, provided they share the same image, base image, or file layers.

Prisma Cloud researchers analyzed the vulnerability and discovered that DirtyPipe can also be weaponized to create a malicious container image that breaks out upon execution. Given the severity of the issue, we cannot rule out that existing containers may escape as well. Environments running untrusted or publicly exposed containers are especially at risk, as they are most likely to host malicious containers.

Unfortunately, there are no mitigations at the moment. Hardening containers with user namespaces or by running them as non-root doesn't prevent an attack. Users are encouraged to update to a fixed kernel version as soon as possible: v5.16.11, v5.15.25, and v5.10.102.

There is a silver lining though: hosts running a Linux version older than v5.8 aren't affected. If you're running a non-vulnerable version, be careful not to upgrade to a vulnerable one.

Prisma Cloud identifies and alerts on hosts running a vulnerable kernel version. Users are encouraged to head over to 'Compute/Monitor/Vulnerabilities' to identify vulnerable hosts.

## Root Cause Analysis

DirtyPipe stems from missing variable initialization in the kernel's implementation of pipes. The kernel may mistakenly reuse flags that dictate whether a pipe can write to a memory page. As a result, an attacker can trick the kernel into marking read-only memory pages exposed to the attacker's pipe as writable.
We recommend reading the [excellent advisory](https://dirtypipe.cm4all.com/) from Max Kellermann, who found the issue, for the full details.

There are some minor exploitation constraints. An attacker cannot:

1. Overwrite files that it cannot read.
2. Enlarge a file.
3. Write to offsets that are multiples of the system's page size, including 0.

Unfortunately, these limitations are unlikely to stop the vast majority of exploits.

## DirtyPipe Attacks on Container Environments

DirtyPipe enables severe attacks on container environments, as highlighted by the screenshots below.

![Figure 1](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/03/text-description-automatically-generated-2.png)

Figure 1: a malicious container overwriting files on a neighboring container that shares the same base image

![Figure 2](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/03/text-description-automatically-generated-3.png)

Figure 2: a malicious container injecting random data to a process on a neighboring container running the same image, crashing it. Code execution can be gained by injecting shellcode

![Figure 3](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/03/graphical-user-interface-text-application-descr-1.png)

Figure 3: a malicious image that breaks out upon execution and overwrites a binary under /bin on the host, with the /bin new md5 value as proof

At the moment, we're not sharing the details of our container escape exploit to prevent malicious parties from weaponizing it.
While we haven't identified a way for an already running container to escape, others might. There are definitely indirect methods, for example by compromising a neighboring privileged container that has access to the underlying host.

### Conclusion

DirtyPipe is a critical vulnerability in the Linux kernel with significant impact on container environments. Both container escapes and cross-container attacks are possible. Environments running untrusted or publicly exposed containers are especially at risk.

Users are encouraged to update to a fixed kernel version as soon as possible. Note that Linux versions older than 5.8 aren't affected.

## Get Started with Prisma Cloud

Prisma Cloud customers are encouraged to head over to 'Compute/Monitor/Vulnerabilities' to identify vulnerable hosts. New customers can see Prisma Cloud's Compute capabilities in action by requesting a [free trial here](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial?ts=markdown).

![Figure 4](https://www.paloaltonetworks.com/blog/wp-content/uploads/2022/03/graphical-user-interface-text-application-email.png)

Figure 4: Prisma Cloud identifies hosts vulnerable to DirtyPipe
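The version guidance in this post (introduced in Linux 5.8; fixed in v5.16.11, v5.15.25, and v5.10.102) can be applied to a host inventory of `uname -r` strings as sketched here. This is an added example, not code from the original post or from Prisma Cloud; the hostnames and release strings are constructed, and treating branches newer than 5.16 as fixed is an assumption the post does not state.

```python
import re

# Fixed releases named in the article, keyed by stable branch (major, minor).
FIXED = {(5, 10): 102, (5, 15): 25, (5, 16): 11}
FIRST_AFFECTED = (5, 8)  # article: the bug was introduced in Linux 5.8
_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_release(release):
    """Return (major, minor, patch) from a `uname -r` style string, or None."""
    m = _RELEASE.match(release.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def classify(release):
    """Classify one kernel release string against the article's version data."""
    v = parse_release(release)
    if v is None:
        return "unknown"
    branch, patch = v[:2], v[2]
    if branch < FIRST_AFFECTED:
        return "not-affected"
    if branch in FIXED:
        return "fixed" if patch >= FIXED[branch] else "vulnerable"
    if branch > max(FIXED):
        # Assumption (not stated in the article): release builds of branches
        # newer than 5.16 already include the fix.
        return "fixed"
    # A 5.8-5.16 branch for which the article lists no fixed release.
    return "vulnerable-no-listed-fix"


def triage(inventory):
    """Map {host: release} to {status: [hosts]} for patch prioritisation."""
    report = {}
    for host, release in sorted(inventory.items()):
        report.setdefault(classify(release), []).append(host)
    return report


# Constructed sample inventory (hostnames and release strings are made up).
SAMPLE = {
    "node-a": "5.4.0-100-generic",
    "node-b": "5.10.101",
    "node-c": "5.10.102",
    "node-d": "5.13.0-30-generic",
    "node-e": "5.15.25-1",
    "node-f": "5.16.10",
    "node-g": "5.17.1",
    "node-h": "custom-build",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status:26} {', '.join(hosts)}")
```

Distribution kernels often backport fixes without changing the upstream version number, so treat a "vulnerable" result for a distro kernel as a candidate to confirm against the vendor's advisory.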