Recently CVE-2022-0847 was assigned to the “Dirty Pipe” Linux kernel vulnerability. This CVE has been mitigated by fixes included in a new kernel package; linux-image-5.10.0-12-amd64 (5.10.103-1)
which is now in the PureOS repositories.
Please upgrade at your earliest convenience.
8 Likes
As this post kindly describes:
echo 'byzantium-security' | xargs -d' ' -Irepository curl -s http://repo.pureos.net/pureos/dists/byzantium-security/main/binary-amd64/Packages.xz | xzcat | grep 'Package: linux-image-5.10.0-12-amd64'
I decided to proceed with following (if this path of mine 100% correct/needed):
sudo apt update
sudo apt install linux-image-5.10.0-12-amd64
sudo apt-mark auto linux-image-5.10.0-12-amd64
sudo apt upgrade linux-image-amd64
sudo apt-mark auto linux-image-amd64
sudo reboot
uname -srvmo
apt info linux-image-amd64