by vicarius
log in join community
by @mhzcyber
07 Sep 2023
#cve_analysis

Write a blog analysis for a CVE

publish

The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847

by @mhzcyber
by @mhzcyber
07 Sep 2023
#cve_analysis

Write a blog analysis for a CVE

publish

The De Vinci of DirtyPipe Local Privilege Escalation - CVE-2022-0847

CVEs

CVE-2022-0847
7.8 High Severity

OS

Fedora
FedoraFedoraproject
41.0.1.0.*
40.0.0.0.*
*.*
3334.*
37.*
30.*
40.*
38.*
28.*
31.*
LK
Linux KernelLinux
6.17.10.*
6.12.60.*
6.17.9.*
6.17.8.*
6.12.58.*
6.12.56.*
6.1.158.*
5.4.301.*
5.15.196.*
5.10.246.*
HF
H410S FirmwareNetapp
-.*
HF
H700S FirmwareNetapp
-.*
HF
H500S FirmwareNetapp
-.*
HF
H300S FirmwareNetapp
-.*
HF
H410C FirmwareNetapp
-.*
ELS
Enterprise Linux Server TUSRedhat
8.8.*
8.4.*
8.6.*
7.7.*
7.4.*
6.6.*
8.2.*
9.2.*
7.3.*
7.6.*
ELE
Enterprise Linux EUSRedhat
5.9.Z.*
5.6.Z.*
8.8.*
8.4.*
8.4.*
8.6.*
8.6.*
7.7.*
9.6.*
7.4.*
ELS
Enterprise Linux Server AUSRedhat
8.8.*
8.4.*
8.6.*
7.7.*
9.6.*
7.4.*
5.9.*
6.6.*
8.2.*
5.6.*
SLF
Scalance LPE9403 FirmwareSiemens
*.*
2.0.*
-.*
ELF
Enterprise Linux for IBM Z Systems EUSRedhat
10.0 S390X.*
9.6 S390X.*
6.4 S390X.*
5.9 S390X.*
7.3 S390X.*
7.2 S390X.*
6.7 S390X.*
7.6 S390X.*
7.5 S390X.*
7.4 S390X.*
ELF
Enterprise Linux for IBM Z SystemsRedhat
10.0 S390X.*
6.5 S390X.*
6.4 S390X.*
5.9 S390X.*
7.3 S390X.*
7.6 S390X.*
7.5 S390X.*
7.4 S390X.*
7.7 S390X.*
6.0 S390X.*
ELF
Enterprise Linux for Power Little Endian EUSRedhat
10.0 Ppc64le.*
9.6 Ppc64le.*
7.3 Ppc64le.*
7.2 Ppc64le.*
7.6 Ppc64le.*
7.5 Ppc64le.*
7.4 Ppc64le.*
8.2 Ppc64le.*
8.1 Ppc64le.*
7.7 Ppc64le.*
ELF
Enterprise Linux for Power Little EndianRedhat
10.0 Ppc64le.*
7.0 Ppc64le.*
9.0 Ppc64le.*
8.8 Ppc64le.*
9.2 Ppc64le.*
8.0 Ppc64le.*
8.6.*
7.0.*
8.0.*
9.0.*
ELS
Enterprise Linux Server for Power Little Endian Update Services for Sap SolutionsRedhat
9.6 Ppc64le.*
7.6 Ppc64le.*
7.4 Ppc64le.*
8.2 Ppc64le.*
7.7 Ppc64le.*
9.4 Ppc64le.*
8.4 Ppc64le.*
9.0 Ppc64le.*
8.8 Ppc64le.*
9.2 Ppc64le.*
ELF
Enterprise Linux for Real TimeRedhat
8.6.*
9.2.*
7.*
7.0.*
8.*
8.0.*
9.0.*
ELF
Enterprise Linux for Real Time for NFVRedhat
9.2.*
7.*
8.*
8.0.*
9.0.*
ELS
Enterprise Linux Server Update Services for Sap SolutionsRedhat
8.4.*
8.6.*
7.7.*
7.4.*
8.2.*
9.2.*
7.3.*
8.1.*
7.6.*
7.2.*
SF
SMA1000 FirmwareSonicwall
12.4.3-02925.*
12.4.3-02907.*
12.4.2-02044.*
12.1.0-06411.*
12.4.2.*
-.*

Apps

CLB
Codeready Linux BuilderRedhat
8.4.*
8.2.*
10.0.*
8.0.*
9.0.*
-.*
VH
Virtualization HostRedhat
4.0.*
O
Ovirt-EngineOvirt
4.4.10.2.*
4.4.3.11.*
4.4.3.10.*
4.4.3.7.*
4.4.3.6.*
4.4.3.5.*
4.4.3.12.*
4.4.3.9.*
4.4.3.8.*
4.4.3.4.*

PoC video

Summary

We will dive deep into DirtyPipe vulnerability, see some pipes inside the kernel, understand more about ring buffer, read and write and how all the magic works!🧙‍♂️

Description

users/photos/clr6vsmml0vl21hn13643hl0n.jpg

@mhzcyber

68 posts

Security Researcher | Cyber Security Labs Developer | Upwork Top Rated CyberSecurity

Total vcoins

0

Badges

badges/images/clemwgql90gww0jnxh6rbcqsr.png

Memelord

badges/images/clktw0fnh0pci1inadxpbcwpn.png

Shawarma King

Social media links

Comments (5)