Checkmk is not affected by Dirty Pipe Exploit (CVE-2022-0847)

Problem

A flaw was found in how the “flags” member of the new pipe buffer structure lacked proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel, and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read-only files and, as such, escalate their privileges on the system.

Solution

As of the time of writing this article, the appliances (virtual or physical) are not affected by the Dirty-Pipe-Exploit.

Related articles

• Page:
  Troubleshooting CVE-Check CVE-2021-44228 Log4j is crashing on Windows
• Page:
  Checkmk is not affected by Spring4Shell (CVE-2022-22965)
• Page:
  Checkmk is not affected by Log4j (CVE-2021-44228)
• Page:
  Checkmk is not affected by Dirty Pipe Exploit (CVE-2022-0847)
• Page:
  Considerations before running the agent as an unprivileged user