Unrated severityCISA KEVNVD Advisory· Published Mar 7, 2022· Updated Oct 21, 2025
CVE-2022-0847
CVE-2022-0847
Description
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
Affected products
1- Linux/Linux kerneldescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.htmlmitre
- packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.htmlmitre
- packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.htmlmitre
- packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.htmlmitre
- bugzilla.redhat.com/show_bug.cgimitre
- cert-portal.siemens.com/productcert/pdf/ssa-222547.pdfmitre
- dirtypipe.cm4all.commitre
- psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015mitre
- security.netapp.com/advisory/ntap-20220325-0005/mitre
- www.suse.com/support/kb/doc/mitre
News mentions
5- Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalationTenable Blog · May 14, 2026
- Dirty Frag (CVE-2026-43284, CVE-2026-43500): Frequently asked questions about this Linux kernel privilege escalation vulnerability chainTenable Blog · May 8, 2026
- Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)SANS Internet Storm Center · May 8, 2026
- Exploits and vulnerabilities in Q1 2026Securelist · May 7, 2026
- Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerabilityTenable Blog · Apr 30, 2026