I. CVE-2022-0847 Basic Information
Vulnerability Information
# N/A

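# Vulnerability Description

## Overview
In the Linux kernel, the `copy_page_to_iter_pipe` and `push_pipe` functions did not properly initialize the "flags" member of the new pipe buffer structure, so it could contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read-only files and thereby escalate their privileges on the system.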

## Affected Versions
No specific affected versions are given.

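## Details
In the `copy_page_to_iter_pipe` and `push_pipe` functions, the "flags" member of the new pipe buffer structure is not properly initialized. The member may therefore contain stale values, allowing an unprivileged local user to obtain and write to pages in the page cache backed by read-only files.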

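## Impact
An unprivileged local user can exploit this flaw to write to pages in the page cache that are backed by read-only files. This may allow the user to escalate their privileges on the system.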
                                        
Vulnerability Title
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Description
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
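Source: U.S. National Vulnerability Database (NVD)
CVSS Information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Type
Improper Initialization
Source: U.S. National Vulnerability Database (NVD)
Vulnerability Title
Linux kernel security vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability Description
Linux kernel is the kernel used by Linux, the open-source operating system of the Linux Foundation (USA). The Linux kernel contains a security vulnerability that stems from the "flag" variable of the new pipe buffer structure lacking proper initialization in the copy_page_to_iter_pipe and push_pipe functions in the Linux kernel. An unprivileged local user can exploit this vulnerability to escalate privileges to root. The following products and versions are affected: Linux Kernel 5.8-5.16.11, 5.8-5.15.25, 5.8-5.10.102.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS Information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability Type
Other
Source: China National Vulnerability Database of Information Security (CNNVD)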
II. Public PoCs for CVE-2022-0847
| # | PoC Description | Source Link |
|---|---|---|
| 1 | This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. | https://github.com/Udyz/CVE-2022-0847 |
| 2 | CVE-2022-0847 | https://github.com/bbaranoff/CVE-2022-0847 |
| 3 | Vulnerability in the Linux kernel since 5.8 | https://github.com/xndpxs/CVE-2022-0847 |
| 4 | CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 is a local privilege escalation vulnerability present in Linux kernel 5.8 and later. By exploiting it, an attacker can overwrite data in arbitrary readable files and thereby elevate an ordinary user to privileged root. The principle of CVE-2022-0847 is similar to that of CVE-2016-5195 (Dirty Cow), but it is easier to exploit. The vulnerability's author named it "Dirty Pipe". | https://github.com/r1is/CVE-2022-0847 |
| 5 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit |
| 6 | 66666 | https://github.com/2xYuan/CVE-2022-0847 |
| 7 | CVE-2022-0847 exploit one liner | https://github.com/crowsec-edtech/Dirty-Pipe |
| 8 | None | https://github.com/lucksec/CVE-2022-0847 |
| 9 | CVE-2022-0487 | https://github.com/si1ent-le/CVE-2022-0847 |
| 10 | None | https://github.com/bohr777/cve-2022-0847dirtypipe-exploit |
| 11 | Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. | https://github.com/antx-code/CVE-2022-0847 |
| 12 | An exploit for CVE-2022-0847 dirty-pipe vulnerability | https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit |
| 13 | CVE-2022-0847 DirtyPipe Exploit. | https://github.com/febinrev/dirtypipez-exploit |
| 14 | CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability | https://github.com/ahrixia/CVE_2022_0847 |
| 15 | The Dirty Pipe Vulnerability | https://github.com/knqyf263/CVE-2022-0847 |
| 16 | None | https://github.com/puckiestyle/CVE-2022-0847 |
| 17 | Implementation of Max Kellermann's exploit for CVE-2022-0847 | https://github.com/0xIronGoat/dirty-pipe |
| 18 | None | https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit |
| 19 | Docker exploit | https://github.com/mrchucu1/CVE-2022-0847-Docker |
| 20 | Bash script to check for CVE-2022-0847 "Dirty Pipe" | https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker |
| 21 | CVE-2022-0847 | https://github.com/4luc4rdr5290/CVE-2022-0847 |
| 22 | A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection. | https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit |
| 23 | None | https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe |
| 24 | CVE-2022-0847 | https://github.com/Al1ex/CVE-2022-0847 |
| 25 | None | https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit |
| 26 | Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) | https://github.com/nanaao/Dirtypipe-exploit |
| 27 | None | https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit |
| 28 | None | https://github.com/pentestblogin/pentestblog-CVE-2022-0847 |
| 29 | Dirty Pipe POC | https://github.com/gyaansastra/CVE-2022-0847 |
| 30 | Container Escape PoC for CVE-2022-0847 "DirtyPipe" | https://github.com/DataDog/dirtypipe-container-breakout-poc |
| 31 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/babyshen/CVE-2022-0847 |
| 32 | None | https://github.com/edsonjt81/CVE-2022-0847-Linux |
| 33 | CVE-2022-0847 POC and Docker and Analysis write up | https://github.com/chenaotian/CVE-2022-0847 |
| 34 | CVE-2022-0847-DirtyPipe-Exploit | https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit |
| 35 | None | https://github.com/al4xs/CVE-2022-0847-Dirty-Pipe |
| 36 | None | https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe- |
| 37 | A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell | https://github.com/crusoe112/DirtyPipePython |
| 38 | CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file. | https://github.com/nanaao/dirtyPipe-automaticRoot |
| 39 | my personal exploit of CVE-2022-0847(dirty pipe) | https://github.com/arttnba3/CVE-2022-0847 |
| 40 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits |
| 41 | CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow. | https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847 |
| 42 | Dirty Pipe (CVE-2022-0847) vulnerability check | https://github.com/realbatuhan/dirtypipetester |
| 43 | dirtypipe | https://github.com/CYB3RK1D/CVE-2022-0847-POC |
| 44 | CVE-2022-0847 POC | https://github.com/breachnix/dirty-pipe-poc |
| 45 | Implementation of CVE-2022-0847 as a shellcode | https://github.com/Shotokhan/cve_2022_0847_shellcode |
| 46 | None | https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847 |
| 47 | Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847 | https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker |
| 48 | PoC Container Breakout for DirtyPipe Vulnerability CVE-2022-0847 | https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout |
| 49 | Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) | https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe |
| 50 | pwncat module that automatically exploits CVE-2022-0847 (dirtypipe) | https://github.com/DanaEpp/pwncat_dirtypipe |
| 51 | Dirty Pipe - CVE-2022-0847 | https://github.com/tmoneypenny/CVE-2022-0847 |
| 52 | Exploit for Dirty-Pipe (CVE-2022-0847) | https://github.com/scopion/dirty-pipe |
| 53 | Presentation slides and supplementary material | https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847 |
| 54 | DirtyPipe: Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root. | https://github.com/drapl0n/dirtypipe |
| 55 | Linux “Dirty Pipe” vulnerability gives unprivileged users root access | https://github.com/0xr1l3s/CVE-2022-0847 |
| 56 | Dirty Pipe Vulnerability Detection Script - RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) | https://github.com/mhanief/dirtypipe |
| 57 | None | https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc |
| 58 | Scripted Linux Privilege Escalation for the CVE-2022-0847 "Dirty Pipe" vulnerability | https://github.com/rexpository/linux-privilege-escalation |
| 59 | Files required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8 | https://github.com/isaiahsimeone/COMP3320-VAPT |
| 60 | This repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847 | https://github.com/VinuKalana/DirtyPipe-CVE-2022-0847 |
| 61 | A Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11 | https://github.com/ih3na/debian11-dirty_pipe-patcher |
| 62 | CVE-2022-0847 used to achieve container escape / Using CVE-2022-0847 (Dirty Pipe) to achieve container escape | https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape |
| 63 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/flux10n/CVE-2022-0847-DirtyPipe-Exploits |
| 64 | An eBPF detection program for CVE-2022-0847 | https://github.com/airbus-cert/dirtypipe-ebpf_detection |
| 65 | exp of CVE-2022-0847 | https://github.com/edr1412/Dirty-Pipe |
| 66 | COMPILED | https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits |
| 67 | Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary. | https://github.com/EagleTube/CVE-2022-0847 |
| 68 | CVE-2022-0847 used to achieve container escape / Using CVE-2022-0847 (Dirty Pipe) to achieve container escape | https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape |
| 69 | None | https://github.com/cont3mpt/CVE-2022-0847 |
| 70 | Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847) | https://github.com/notl0cal/dpipe |
| 71 | CVE-2022-0847(Dirty Pipe) vulnerability exploits. | https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits |
| 72 | Compiled version of CVE-2022-0847 aka Dirty Pipe. Just one shot to root them all :D | https://github.com/b4dboy17/Dirty-Pipe-Oneshot |
| 73 | None | https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe- |
| 74 | Resources required for building Pluralsight CVE-2022-0847 lab | https://github.com/Turzum/ps-lab-cve-2022-0847 |
| 75 | Modified version of CVE-2022-0847 | https://github.com/qwert419/linux- |
| 76 | CVE-2022-0847 | https://github.com/DataFox/CVE-2022-0847 |
| 77 | Dirty Pipe Kernel Vulnerability Exploit | https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847 |
| 78 | None | https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs |
| 79 | This is a repo to showcase the dirty pipe Linux Kernel Vulnerability. | https://github.com/mutur4/CVE-2022-0847 |
| 80 | None | https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits |
| 81 | None | https://github.com/4bhishek0/CVE-2022-0847-Poc |
| 82 | A simple exploit that uses dirtypipe to inject shellcode into runC entrypoint to implement container escapes. | https://github.com/JlSakuya/CVE-2022-0847-container-escape |
| 83 | check cve-2022-0847 | https://github.com/jonathanbest7/cve-2022-0847 |
| 84 | POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe Vulnerability | https://github.com/0xeremus/dirty-pipe-poc |
| 85 | An eBPF program to detect attacks on CVE-2022-0847 | https://github.com/h4ckm310n/CVE-2022-0847-eBPF |
| 86 | Using CVE-2022-0847, "Dirty Pipe Exploit", to pop a reverse bash shell for arbitrary code execution on a foreign machine. | https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation |
| 87 | CVE: CVE-2022-0847 | https://github.com/pashayogi/DirtyPipe |
| 88 | Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites. | https://github.com/n3rada/DirtyPipe |
| 89 | Bash script to check if kernel is vulnerable | https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker |
| 90 | None | https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits |
| 91 | None | https://github.com/solomon12354/CVE-2022-0847-Dirty_Pipe_virus |
| 92 | None | https://github.com/nu1l-ptr/CVE-2022-0847-Poc |
| 93 | None | https://github.com/letsr00t/CVE-2022-0847 |
| 94 | None | https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus |
| 95 | None | https://github.com/xsxtw/CVE-2022-0847 |
| 96 | A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. | https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits |
| 97 | None | https://github.com/Asbatel/CBDS_CVE-2022-0847_POC |
| 98 | None | https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker |
| 99 | None | https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits |
| 100 | This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. | https://github.com/CPT-Jack-A-Castle/CVE-2022-0847 |
| 101 | Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. | https://github.com/ZZ-SOCMAP/CVE-2022-0847 |
| 102 | None | https://github.com/JustinYe377/CTF-CVE-2022-0847 |
| 103 | The **Dirty Pipe exploit (CVE-2022-0847)** is a Linux kernel vulnerability (v5.8+) allowing unprivileged attackers to overwrite arbitrary files via a flaw in the pipe mechanism. This leads to privilege escalation, granting root access. Similar to Dirty Cow but easier to exploit. Fix: Update to a patched kernel version. | https://github.com/mithunmadhukuttan/Dirty-Pipe-Exploit |
| 104 | CVE-2022-0847 | https://github.com/Mephierr/DirtyPipe_exploit |
| 105 | None | https://github.com/RogelioPumajulca/CVE-2022-0847 |
| 106 | None | https://github.com/osungjinwoo/CVE-2022-0847-Dirty-Pipe |
| 107 | Proof of concept for CVE-2022-0847 | https://github.com/karanlvm/DirtyPipe-Exploit |
| 108 | A root exploit for CVE-2022-0847 (Dirty Pipe) | https://github.com/cypherlobo/DirtyPipe-BSI |
| 109 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E6%BC%8F%E6%B4%9E/Linux%20DirtyPipe%20%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E%20CVE-2022-0847.md |
| 110 | exp of CVE-2022-0847 | https://github.com/zzzchuu/Dirty-Pipe |
III. Intelligence Information for CVE-2022-0847