Vulnerability CVE-2022-0847: Information

Description

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2022-0847
Published: March 10, 2022
Modified: Jan. 12, 2024
Error type identifier: CWE-665

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus5.11.4-alt16.8.12-alt1ALT-PU-2021-1447-1267461Fixed
kernel-image-mpp105.11.4-alt16.1.19-alt1ALT-PU-2021-1447-1267461Fixed
kernel-image-mpp95.11.16-alt15.12.16-alt1ALT-PU-2021-1869-1271829Fixed
kernel-image-mpp115.11.4-alt16.8.8-alt1ALT-PU-2021-1447-1267461Fixed
kernel-image-rpi-defsisyphus5.15.25-alt15.15.92-alt2ALT-PU-2022-1419-1296090Fixed
kernel-image-rpi-defp105.15.25-alt15.15.92-alt2ALT-PU-2022-1421-1296181Fixed
kernel-image-rpi-defp115.15.25-alt15.15.92-alt2ALT-PU-2022-1419-1296090Fixed
kernel-image-rpi-unsisyphus5.12.6-alt16.6.23-alt1ALT-PU-2021-1888-1273055Fixed
kernel-image-rpi-unp105.15.28-alt16.1.77-alt1ALT-PU-2022-1540-1296849Fixed
kernel-image-rpi-unp95.12.6-alt15.12.17-alt1ALT-PU-2021-1896-1273084Fixed
kernel-image-rpi-unp115.12.6-alt16.6.23-alt1ALT-PU-2021-1888-1273055Fixed
kernel-image-rtsisyphus5.10.104-alt1.rt636.1.92-alt1.rt32ALT-PU-2022-1461-1296495Fixed
kernel-image-rtp105.10.104-alt1.rt635.10.217-alt1.rt109ALT-PU-2022-1462-1296497Fixed
kernel-image-rtp115.10.104-alt1.rt636.1.90-alt2.rt30ALT-PU-2022-1461-1296495Fixed
kernel-image-std-defsisyphus5.15.25-alt16.1.92-alt1ALT-PU-2022-1388-1295936Fixed
kernel-image-std-defp105.10.102-alt15.10.218-alt1ALT-PU-2022-1411-1295939Fixed
kernel-image-std-defc9f25.10.104-alt0.c9f.25.10.214-alt0.c9f.2ALT-PU-2022-1467-1296399Fixed
kernel-image-std-defp115.15.25-alt16.1.91-alt1ALT-PU-2022-1388-1295936Fixed
kernel-image-std-kvmsisyphus5.10.102-alt15.10.176-alt1ALT-PU-2022-1432-1296283Fixed
kernel-image-std-kvmp115.10.102-alt15.10.176-alt1ALT-PU-2022-1432-1296283Fixed
kernel-image-un-defsisyphus5.11.7-alt16.6.32-alt1ALT-PU-2021-1525-1267984Fixed
kernel-image-un-defsisyphus_riscv645.19.16-alt2.rv646.6.32-alt1.0.portALT-PU-2022-6777-1-Fixed
kernel-image-un-defp105.15.25-alt16.1.90-alt1ALT-PU-2022-1410-1295937Fixed
kernel-image-un-defp95.10.102-alt15.10.218-alt1ALT-PU-2022-1413-1295943Fixed
kernel-image-un-defc10f15.15.25-alt16.1.85-alt0.c10f.1ALT-PU-2022-1410-1295937Fixed
kernel-image-un-defp115.11.7-alt16.6.31-alt1ALT-PU-2021-1525-1267984Fixed
linux-toolssisyphus_riscv646.0-alt16.9-alt1ALT-PU-2022-6483-1-Fixed
linux-toolsp106.1-alt0.p10.16.1-alt0.p10.1ALT-PU-2023-4282-2323593Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2060795
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://dirtypipe.cm4all.com/
  • Exploit
  • Third Party Advisory
http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html
  • Exploit
  • Third Party Advisory
  • VDB Entry
http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html
  • Exploit
  • Third Party Advisory
  • VDB Entry
http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html
  • Exploit
  • Third Party Advisory
  • VDB Entry
https://www.suse.com/support/kb/doc/?id=000020603
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20220325-0005/
  • Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf
  • Third Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015
  • Third Party Advisory
http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html

      1. Configuration 1

        cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
        Start including
        5.16
        End excliding
        5.16.11
        cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
        Start including
        5.15
        End excliding
        5.15.25
        cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
        Start including
        5.8
        End excliding
        5.10.102

        Configuration 2

        cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

        Configuration 3

        cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*

        Configuration 4

        cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*

        Configuration 5

        cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

        Configuration 6

        cpe:2.3:a:ovirt:ovirt-engine:4.4.10.2:*:*:*:*:*:*:*

        Configuration 7

        cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

        Configuration 8

        cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

        Configuration 9

        cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

        Configuration 10

        cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

        Configuration 11

        cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

        Configuration 12

        cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

        Configuration 13

        cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

        Configuration 14

        cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

        Configuration 15

        cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*

        Configuration 16

        cpe:2.3:o:sonicwall:sma1000_firmware:*:*:*:*:*:*:*:*
        Running on/with:
        cpe:2.3:h:sonicwall:sma1000:-:*:*:*:*:*:*:*
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top