| Info |
|---|
A newly revealed vulnerability impacted the way the "flags" “flags” member of the new pipe buffer structure lacked proper initialization and was registered as CVE-2022-0847. |
| Status |
|---|
| colour | Green |
|---|
| title | LAST TESTED ON CHECKMK 2.23.0P10p15 |
|---|
|
| Panel |
|---|
| borderColor | black |
|---|
| bgColor | #f8f8f8 |
|---|
| title | Table of Contents |
|---|
|
|
...
A flaw was found in how the "flags" “flags” member of the new pipe buffer structure lacked proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel, and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read-only files and, as such, escalate their privileges on the system.
...
| Tip |
|---|
|
| Dirty-Pipe only works with kernels 5.8+, while the appliance is Debian 9 based (Kernel Kernel 4.9.0-17) |
Related articles
...