Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-0847
HistoryMar 07, 2022 - 12:00 a.m.

CVE-2022-0847

2022-03-0700:00:00
ubuntu.com
ubuntu.com
41

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.121

Percentile

95.4%

A flaw was found in the way the “flags” member of the new pipe buffer
structure was lacking proper initialization in copy_page_to_iter_pipe and
push_pipe functions in the Linux kernel and could thus contain stale
values. An unprivileged local user could use this flaw to write to pages in
the page cache backed by read only files and as such escalate their
privileges on the system.

Notes

Author Note
mdeslaur The specific flaw exists in the bionic and focal, but is not currently exploitable due to lack of a flag that was introduced in kernel 5.8. The flaw will be fixed as part of the next round of bionic and focal kernel updates in case some other way of exploiting it is discovered in the future. The hardware enablement kernel for focal, linux-hwe-5.13, was updated to fix this issue in USN-5317-1.
OSVersionArchitecturePackageVersionFilename
ubuntu21.10noarchlinux< 5.13.0-35.40UNKNOWN
ubuntu21.10noarchlinux-aws< 5.13.0-1017.19UNKNOWN
ubuntu20.04noarchlinux-aws-5.13< 5.13.0-1017.19~20.04.1UNKNOWN
ubuntu21.10noarchlinux-azure< 5.13.0-1017.19UNKNOWN
ubuntu20.04noarchlinux-azure-5.13< 5.13.0-1017.19~20.04.1UNKNOWN
ubuntu21.10noarchlinux-gcp< 5.13.0-1019.23UNKNOWN
ubuntu20.04noarchlinux-gcp-5.13< 5.13.0-1019.23~20.04.1UNKNOWN
ubuntu20.04noarchlinux-hwe-5.13< 5.13.0-35.40~20.04.1UNKNOWN
ubuntu20.04noarchlinux-intel-5.13< 5.13.0-1010.10UNKNOWN
ubuntu20.04noarchlinux-intel-iotg-5.15< 5.15.0-1008.11~20.04.1UNKNOWN
Rows per page:
1-10 of 161

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.121

Percentile

95.4%