CVE-2022-0847 PoC — Linux kernel 安全漏洞

Source

https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2022-0847)
Description:A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Readme

A vulnerability was found in Linux Kernel up to 5.10.101/5.15.24/5.16.10 (Operating System) and classified as critical. This issue affects some unknown processing of the component Pipe Handler. Impacted is confidentiality, integrity, and availability.

The weakness was presented 03/08/2022. The advisory is shared at dirtypipe.cm4all.com. The identification of this vulnerability is CVE-2022-0847. The exploitation is known to be easy. The attack may be initiated remotely. Required for exploitation is a simple authentication. Technical details are unknown but a public exploit is available.

Upgrading to version 5.10.102, 5.15.25 or 5.16.11 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at lore.kernel.org. The best possible mitigation is suggested to be upgrading to the latest version.
* POC https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit/blob/main/CVE-2022-0847.gif

File Snapshot


 [4.0K]  /data/pocs/3c9251cd0911a6aa284a7b7ca7c775b091cc5a77
├── [ 86K]  CVE-2022-0847.gif
├── [4.9K]  dirtypipe.c
└── [ 959]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!