# N/A
# 漏洞描述
## 概述
Linux 内核中的 `copy_page_to_iter_pipe` 和 `push_pipe` 函数在处理新的管道缓冲区结构时,未正确初始化 "flags" 成员,导致其可能包含失效值。未授权的本地用户可以利用此漏洞写入由只读文件支持的页面缓存中的页面,从而提升其在系统上的权限。
## 影响版本
未指定具体影响版本
## 细节
在 `copy_page_to_iter_pipe` 和 `push_pipe` 函数中,新的管道缓冲区结构的 "flags" 成员未得到适当的初始化。这可能导致该成员包含失效值,从而使未授权的本地用户能够获取并写入由只读文件支持的页面缓存中的页面。
## 影响
未授权的本地用户可以利用此漏洞写入页面缓存中的页面,这些页面是由只读文件支持的。这可能导致用户提升其在系统上的权限。
# | POC 描述 | 源链接 | 神龙链接 |
---|---|---|---|
1 | This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. | https://github.com/Udyz/CVE-2022-0847 | POC详情 |
2 | CVE-2022-0847 | https://github.com/bbaranoff/CVE-2022-0847 | POC详情 |
3 | Vulnerability in the Linux kernel since 5.8 | https://github.com/xndpxs/CVE-2022-0847 | POC详情 |
4 | CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe” | https://github.com/r1is/CVE-2022-0847 | POC详情 |
5 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit | POC详情 |
6 | 66666 | https://github.com/2xYuan/CVE-2022-0847 | POC详情 |
7 | CVE-2022-0847 exploit one liner | https://github.com/crowsec-edtech/Dirty-Pipe | POC详情 |
8 | None | https://github.com/lucksec/CVE-2022-0847 | POC详情 |
9 | CVE-2022-0487 | https://github.com/si1ent-le/CVE-2022-0847 | POC详情 |
10 | None | https://github.com/bohr777/cve-2022-0847dirtypipe-exploit | POC详情 |
11 | Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. | https://github.com/antx-code/CVE-2022-0847 | POC详情 |
12 | An exploit for CVE-2022-0847 dirty-pipe vulnerability | https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit | POC详情 |
13 | CVE-2022-0847 DirtyPipe Exploit. | https://github.com/febinrev/dirtypipez-exploit | POC详情 |
14 | CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability | https://github.com/ahrixia/CVE_2022_0847 | POC详情 |
15 | The Dirty Pipe Vulnerability | https://github.com/knqyf263/CVE-2022-0847 | POC详情 |
16 | None | https://github.com/puckiestyle/CVE-2022-0847 | POC详情 |
17 | Implementation of Max Kellermann's exploit for CVE-2022-0847 | https://github.com/0xIronGoat/dirty-pipe | POC详情 |
18 | None | https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit | POC详情 |
19 | Docker exploit | https://github.com/mrchucu1/CVE-2022-0847-Docker | POC详情 |
20 | Bash script to check for CVE-2022-0847 "Dirty Pipe" | https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker | POC详情 |
21 | CVE-2022-0847 | https://github.com/4luc4rdr5290/CVE-2022-0847 | POC详情 |
22 | A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection. | https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit | POC详情 |
23 | None | https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe | POC详情 |
24 | CVE-2022-0847 | https://github.com/Al1ex/CVE-2022-0847 | POC详情 |
25 | None | https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit | POC详情 |
26 | Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) | https://github.com/nanaao/Dirtypipe-exploit | POC详情 |
27 | None | https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit | POC详情 |
28 | None | https://github.com/pentestblogin/pentestblog-CVE-2022-0847 | POC详情 |
29 | Dirty Pipe POC | https://github.com/gyaansastra/CVE-2022-0847 | POC详情 |
30 | Container Excape PoC for CVE-2022-0847 "DirtyPipe" | https://github.com/DataDog/dirtypipe-container-breakout-poc | POC详情 |
31 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/babyshen/CVE-2022-0847 | POC详情 |
32 | None | https://github.com/edsonjt81/CVE-2022-0847-Linux | POC详情 |
33 | CVE-2022-0847 POC and Docker and Analysis write up | https://github.com/chenaotian/CVE-2022-0847 | POC详情 |
34 | CVE-2022-0847-DirtyPipe-Exploit | https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit | POC详情 |
35 | None | https://github.com/al4xs/CVE-2022-0847-Dirty-Pipe | POC详情 |
36 | None | https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe- | POC详情 |
37 | A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell | https://github.com/crusoe112/DirtyPipePython | POC详情 |
38 | CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file. | https://github.com/nanaao/dirtyPipe-automaticRoot | POC详情 |
39 | my personal exploit of CVE-2022-0847(dirty pipe) | https://github.com/arttnba3/CVE-2022-0847 | POC详情 |
40 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
41 | CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow. | https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847 | POC详情 |
42 | Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü | https://github.com/realbatuhan/dirtypipetester | POC详情 |
43 | dirtypipe | https://github.com/CYB3RK1D/CVE-2022-0847-POC | POC详情 |
44 | CVE-2022-0847 POC | https://github.com/breachnix/dirty-pipe-poc | POC详情 |
45 | Implementation of CVE-2022-0847 as a shellcode | https://github.com/Shotokhan/cve_2022_0847_shellcode | POC详情 |
46 | None | https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847 | POC详情 |
47 | Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847 | https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker | POC详情 |
48 | PoC Container Breakout for DirtyPipe Vulnerability CVE-2022-0847 | https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout | POC详情 |
49 | Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) | https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe | POC详情 |
50 | pwncat module that automatically exploits CVE-2022-0847 (dirtypipe) | https://github.com/DanaEpp/pwncat_dirtypipe | POC详情 |
51 | Dirty Pipe - CVE-2022-0847 | https://github.com/tmoneypenny/CVE-2022-0847 | POC详情 |
52 | Exploit for Dirty-Pipe (CVE-2022-0847) | https://github.com/scopion/dirty-pipe | POC详情 |
53 | Presentation slides and supplementary material | https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847 | POC详情 |
54 | DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root. | https://github.com/drapl0n/dirtypipe | POC详情 |
55 | Linux “Dirty Pipe” vulnerability gives unprivileged users root access | https://github.com/0xr1l3s/CVE-2022-0847 | POC详情 |
56 | Dirty Pipe Vulnerability Detection Script - RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) | https://github.com/mhanief/dirtypipe | POC详情 |
57 | None | https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc | POC详情 |
58 | Scripted Linux Privilege Escalation for the CVE-2022-0847 "Dirty Pipe" vulnerability | https://github.com/rexpository/linux-privilege-escalation | POC详情 |
59 | Files required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8 | https://github.com/isaiahsimeone/COMP3320-VAPT | POC详情 |
60 | This repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847 | https://github.com/VinuKalana/DirtyPipe-CVE-2022-0847 | POC详情 |
61 | A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11 | https://github.com/ih3na/debian11-dirty_pipe-patcher | POC详情 |
62 | CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸 | https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape | POC详情 |
63 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/flux10n/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
64 | An eBPF detection program for CVE-2022-0847 | https://github.com/airbus-cert/dirtypipe-ebpf_detection | POC详情 |
65 | exp of CVE-2022-0847 | https://github.com/edr1412/Dirty-Pipe | POC详情 |
66 | COMPILED | https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
67 | Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary. | https://github.com/EagleTube/CVE-2022-0847 | POC详情 |
68 | CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸 | https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape | POC详情 |
69 | None | https://github.com/cont3mpt/CVE-2022-0847 | POC详情 |
70 | Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847) | https://github.com/notl0cal/dpipe | POC详情 |
71 | CVE-2022-0847(Dirty Pipe) vulnerability exploits. | https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits | POC详情 |
72 | Compled version of CVE-2022-0847 aka Dirty Pipe. Just one shot to root them all :D | https://github.com/b4dboy17/Dirty-Pipe-Oneshot | POC详情 |
73 | None | https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe- | POC详情 |
74 | Resources required for building Pluralsight CVE-2022-0847 lab | https://github.com/Turzum/ps-lab-cve-2022-0847 | POC详情 |
75 | 修改版CVE-2022-0847 | https://github.com/qwert419/linux- | POC详情 |
76 | CVE-2022-0847 | https://github.com/DataFox/CVE-2022-0847 | POC详情 |
77 | Dirty Pipe Kernel Vulnerability Exploit | https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847 | POC详情 |
78 | None | https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs | POC详情 |
79 | This is a repo to showcase the dirty pipe Linux Kernel Vulnerability. | https://github.com/mutur4/CVE-2022-0847 | POC详情 |
80 | None | https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
81 | None | https://github.com/4bhishek0/CVE-2022-0847-Poc | POC详情 |
82 | A simple exploit that uses dirtypipe to inject shellcode into runC entrypoint to implement container escapes. | https://github.com/JlSakuya/CVE-2022-0847-container-escape | POC详情 |
83 | check cve-2022-0847 | https://github.com/jonathanbest7/cve-2022-0847 | POC详情 |
84 | POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe Vulnerability | https://github.com/0xeremus/dirty-pipe-poc | POC详情 |
85 | An eBPF program to detect attacks on CVE-2022-0847 | https://github.com/h4ckm310n/CVE-2022-0847-eBPF | POC详情 |
86 | Using CVE-2022-0847, "Dirty Pipe Exploit", to pop a reverse bash shell for arbitrary code execution on a foreign machine. | https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation | POC详情 |
87 | CVE: CVE-2022-0847 | https://github.com/pashayogi/DirtyPipe | POC详情 |
88 | Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites. | https://github.com/n3rada/DirtyPipe | POC详情 |
89 | Bash script to check if kernel is vulnerable | https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker | POC详情 |
90 | None | https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
91 | None | https://github.com/solomon12354/CVE-2022-0847-Dirty_Pipe_virus | POC详情 |
92 | None | https://github.com/nu1l-ptr/CVE-2022-0847-Poc | POC详情 |
93 | None | https://github.com/letsr00t/CVE-2022-0847 | POC详情 |
94 | None | https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus | POC详情 |
95 | None | https://github.com/xsxtw/CVE-2022-0847 | POC详情 |
96 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
97 | None | https://github.com/Asbatel/CBDS_CVE-2022-0847_POC | POC详情 |
98 | None | https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker | POC详情 |
99 | None | https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits | POC详情 |
100 | This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. | https://github.com/CPT-Jack-A-Castle/CVE-2022-0847 | POC详情 |
101 | Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. | https://github.com/ZZ-SOCMAP/CVE-2022-0847 | POC详情 |
102 | None | https://github.com/JustinYe377/CTF-CVE-2022-0847 | POC详情 |
103 | The **Dirty Pipe exploit (CVE-2022-0847)** is a Linux kernel vulnerability (v5.8+) allowing unprivileged attackers to overwrite arbitrary files via a flaw in the pipe mechanism. This leads to privilege escalation, granting root access. Similar to Dirty Cow but easier to exploit. Fix: Update to a patched kernel version. | https://github.com/mithunmadhukuttan/Dirty-Pipe-Exploit | POC详情 |
104 | CVE-2022-0847 | https://github.com/Mephierr/DirtyPipe_exploit | POC详情 |
105 | None | https://github.com/RogelioPumajulca/CVE-2022-0847 | POC详情 |
106 | None | https://github.com/osungjinwoo/CVE-2022-0847-Dirty-Pipe | POC详情 |
107 | Proof of concept for CVE-2022-0847 | https://github.com/karanlvm/DirtyPipe-Exploit | POC详情 |
108 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/cypherlobo/DirtyPipe-BSI | POC详情 |
109 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Linux%20DirtyPipe%20%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%20CVE-2022-0847.md | POC详情 |
110 | exp of CVE-2022-0847 | https://github.com/zzzchuu/Dirty-Pipe | POC详情 |
111 | A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11 | https://github.com/ihenakaarachchi/debian11-dirty_pipe-patcher | POC详情 |
112 | Simple Exploit for Dirty Pipe Vulnerability (CVE-2022-0847) This repository contains a simple proof of concept (PoC) for the Dirty Pipe vulnerability (CVE-2022-0847), which affects Linux kernel versions 5.8 to 5.16. This exploit demonstrates local privilege escalation by leveraging improper handling of pipe buffers in the kernel. | https://github.com/byteReaper77/Dirty-Pipe | POC详情 |
113 | None | https://github.com/DelphineTan/Murdoch-CVE-2022-0847 | POC详情 |
114 | DirtyPipe (CVE-2022-0847) exploit written in Rust | https://github.com/morgenm/dirtypipe | POC详情 |
115 | None | https://github.com/Scouserr/cve-2022-0847-poc-dockerimage | POC详情 |
暂无评论