### [CVE-2022-0847](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847)
![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-665-%3ECWE-281&color=brighgreen)

### Description

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

### POC

#### Reference
- http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html
- http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html
- http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html
- https://dirtypipe.cm4all.com/

#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0xIronGoat/dirty-pipe
- https://github.com/0xMarcio/cve
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xTen/pwn-gym
- https://github.com/0xZipp0/OSCP
- https://github.com/0xeremus/dirty-pipe-poc
- https://github.com/0xr1l3s/CVE-2022-0847
- https://github.com/0xsmirk/vehicle-kernel-exploit
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/2xYuan/CVE-2022-0847
- https://github.com/4O4errorrr/TP_be_root
- https://github.com/4bhishek0/CVE-2022-0847-Poc
- https://github.com/4luc4rdr5290/CVE-2022-0847
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Abhi-1712/ejpt-roadmap
- https://github.com/Aijoo100/Aijoo100
- https://github.com/Al1ex/CVE-2022-0847
- https://github.com/Al1ex/LinuxEelvation
- https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/AnastasiaLomova/PR1
- https://github.com/AnastasiaLomova/PR1.1
- https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit
- https://github.com/ArrestX/--POC
- https://github.com/Asbatel/CBDS_CVE-2022-0847_POC
- https://github.com/Awrrays/Pentest-Tips
- https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit
- https://github.com/BEPb/tryhackme
- https://github.com/BlessedRebuS/OSCP-Pentesting-Cheatsheet
- https://github.com/BlizzardEternity/CVE-2022-0847
- https://github.com/BlizzardEternity/DirtyPipe-Android
- https://github.com/BlizzardEternity/dirtypipez-exploit
- https://github.com/CPT-Jack-A-Castle/CVE-2022-0847
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CYB3RK1D/CVE-2022-0847-POC
- https://github.com/CYBER-PUBLIC-SCHOOL/linux-privilege-escalation-cheatsheet
- https://github.com/Ch4nc3n/PublicExploitation
- https://github.com/CharonDefalt/linux-exploit
- https://github.com/DanaEpp/pwncat_dirtypipe
- https://github.com/DanielShmu/OSCP-Cheat-Sheet
- https://github.com/DataDog/dirtypipe-container-breakout-poc
- https://github.com/DataFox/CVE-2022-0847
- https://github.com/DevataDev/PiracyTools
- https://github.com/Disturbante/Linux-Pentest
- https://github.com/DylanBarbe/dirty-pipe-clone-4-root
- https://github.com/DylanBarbe/hj
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/EagleTube/CVE-2022-0847
- https://github.com/FeFi7/attacking_embedded_linux
- https://github.com/FedericoGaribay/Tarea-exploit
- https://github.com/Getshell/LinuxTQ
- https://github.com/GhostTroops/TOP
- https://github.com/GibzB/THM-Captured-Rooms
- https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe
- https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe-
- https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits
- https://github.com/Ha0-Y/LinuxKernelExploits
- https://github.com/Ha0-Y/kernel-exploit-cve
- https://github.com/HadessCS/Awesome-Privilege-Escalation
- https://github.com/HaxorSecInfec/autoroot.sh
- https://github.com/IHenakaarachchi/debian11-dirty_pipe-patcher
- https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit
- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
- https://github.com/Ignitetechnologies/Linux-Privilege-Escalation
- https://github.com/JERRY123S/all-poc
- https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups
- https://github.com/JlSakuya/CVE-2022-0847-container-escape
- https://github.com/JlSakuya/Linux-Privilege-Escalation-Exploits
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Kiosec/Linux-Exploitation
- https://github.com/LP-H4cmilo/CVE-2022-0847_DirtyPipe_Exploits
- https://github.com/LudovicPatho/CVE-2022-0847
- https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe
- https://github.com/Ly0nt4r/OSCP
- https://github.com/MCANMCAN/TheDirtyPipeExploit
- https://github.com/ManciSee/M6__Insecure_Authorization
- https://github.com/Meowmycks/OSCPprep-Cute
- https://github.com/Meowmycks/OSCPprep-Sar
- https://github.com/Meowmycks/OSCPprep-hackme1
- https://github.com/Metarget/metarget
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker
- https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Nekoox/dirty-pipe
- https://github.com/NetKingJ/awesome-android-security
- https://github.com/NxPnch/Linux-Privesc
- https://github.com/OlegBr04/Traitor
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Patocoh/Research-Dirty-Pipe
- https://github.com/PenTestical/linpwn
- https://github.com/ProbiusOfficial/Awsome-Sec.CTF-Videomaker
- https://github.com/Qwertozavr/PR1_3
- https://github.com/Qwertozavr/PR1_3.2
- https://github.com/Qwertozavr/PR1_TRPP
- https://github.com/RACHO-PRG/Linux_Escalada_Privilegios
- https://github.com/SYRTI/POC_to_review
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/Shadowven/Vulnerability_Reproduction
- https://github.com/Shotokhan/cve_2022_0847_shellcode
- https://github.com/SirElmard/ethical_hacking
- https://github.com/SnailDev/github-hot-hub
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/T4t4ru/CVE-2022-0847
- https://github.com/Tanq16/link-hub
- https://github.com/Technetium1/stars
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Trickhish/automated_privilege_escalation
- https://github.com/Turzum/ps-lab-cve-2022-0847
- https://github.com/Udyz/CVE-2022-0847
- https://github.com/UgoDasseleer/write-up-Intermediate-Nmap
- https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit
- https://github.com/VISHALSB85/ejpt-roadmap
- https://github.com/VinuKalana/DirtyPipe-CVE-2022-0847
- https://github.com/WhooAmii/POC_to_review
- https://github.com/XiaozaYa/CVE-Recording
- https://github.com/XmasSnowISBACK/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/ZWDeJun/ZWDeJun
- https://github.com/Zen-ctrl/Rutgers_Cyber_Range
- https://github.com/a-roshbaik/Linux-Privilege-Escalation-Exploits
- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground
- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground
- https://github.com/ahrixia/CVE_2022_0847
- https://github.com/airbus-cert/dirtypipe-ebpf_detection
- https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs
- https://github.com/al4xs/CVE-2022-0847-Dirty-Pipe
- https://github.com/antx-code/CVE-2022-0847
- https://github.com/arttnba3/CVE-2022-0847
- https://github.com/aruncs31s/Ethical-h4ckers.github.io
- https://github.com/aruncs31s/ethical-hacking
- https://github.com/atksh/Dirty-Pipe-sudo-poc
- https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker
- https://github.com/b4dboy17/Dirty-Pipe-Oneshot
- https://github.com/babyshen/CVE-2022-0847
- https://github.com/badboy-sft/Dirty-Pipe-Oneshot
- https://github.com/badboycxcc/script
- https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker
- https://github.com/bbaranoff/CVE-2022-0847
- https://github.com/beruangsalju/LocalPrivelegeEscalation
- https://github.com/beruangsalju/LocalPrivilegeEscalation
- https://github.com/binganao/vulns-2022
- https://github.com/bohr777/cve-2022-0847dirtypipe-exploit
- https://github.com/boy-hack/zsxq
- https://github.com/brant-ruan/poc-demo
- https://github.com/breachnix/dirty-pipe-poc
- https://github.com/bsauce/kernel-exploit-factory
- https://github.com/bsauce/kernel-security-learning
- https://github.com/c0ntempt/CVE-2022-0847
- https://github.com/carlcedin/moe-demo
- https://github.com/carlosevieira/Dirty-Pipe
- https://github.com/chenaotian/CVE-2022-0185
- https://github.com/chenaotian/CVE-2022-0847
- https://github.com/cont3mpt/CVE-2022-0847
- https://github.com/cookiengineer/groot
- https://github.com/crac-learning/CVE-analysis-reports
- https://github.com/crowsec-edtech/Dirty-Pipe
- https://github.com/crusoe112/DirtyPipePython
- https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/d-rn/vulBox
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit
- https://github.com/decrypthing/CVE_2022_0847
- https://github.com/drapl0n/dirtypipe
- https://github.com/e-hakson/OSCP
- https://github.com/edr1412/Dirty-Pipe
- https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe-
- https://github.com/edsonjt81/CVE-2022-0847-Linux
- https://github.com/edsonjt81/Linux-Privilege-Escalation
- https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/eljosep/OSCP-Guide
- https://github.com/emmaneugene/CS443-project
- https://github.com/eremus-dev/Dirty-Pipe-sudo-poc
- https://github.com/eric-glb/dirtypipe
- https://github.com/exfilt/CheatSheet
- https://github.com/febinrev/dirtypipez-exploit
- https://github.com/felixfu59/kernel-hack
- https://github.com/flux10n/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847
- https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape
- https://github.com/gyaansastra/CVE-2022-0847
- https://github.com/h0pe-ay/Vulnerability-Reproduction
- https://github.com/h4ckm310n/CVE-2022-0847-eBPF
- https://github.com/h4ckm310n/Container-Vulnerability-Exploit
- https://github.com/hegusung/netscan
- https://github.com/hheeyywweellccoommee/CVE-2022-0847-gfobj
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/hoanbi1812000/hoanbi1812000
- https://github.com/hugefiver/mystars
- https://github.com/hugs42/infosec
- https://github.com/hxlxmjxbbxs/TheDirtyPipeExploit
- https://github.com/iandrade87br/OSCP
- https://github.com/icontempt/CVE-2022-0847
- https://github.com/ih3na/debian11-dirty_pipe-patcher
- https://github.com/imfiver/CVE-2022-0847
- https://github.com/iohubos/iohubos
- https://github.com/iridium-soda/container-escape-exploits
- https://github.com/irwx777/CVE-2022-0847
- https://github.com/isaiahsimeone/COMP3320-VAPT
- https://github.com/jamesbrunet/dirtypipe-writeup
- https://github.com/jbmihoub/all-poc
- https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation
- https://github.com/jonathanbest7/cve-2022-0847
- https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout
- https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kaosagnt/ansible-everyday
- https://github.com/karanlvm/DirtyPipe-Exploit
- https://github.com/karimhabush/cyberowl
- https://github.com/kdn111/linux-kernel-exploitation
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/khanhdn111/linux-kernel-exploitation
- https://github.com/khanhdz-06/linux-kernel-exploitation
- https://github.com/khanhdz191/linux-kernel-exploitation
- https://github.com/khanhhdz/linux-kernel-exploitation
- https://github.com/khanhhdz06/linux-kernel-exploitation
- https://github.com/khanhnd123/linux-kernel-exploitation
- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
- https://github.com/knd06/linux-kernel-exploitation
- https://github.com/knqyf263/CVE-2022-0847
- https://github.com/kun-g/Scraping-Github-trending
- https://github.com/kwxk/Rutgers_Cyber_Range
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/letsr00t/CVE-2022-0847
- https://github.com/lewiswu1209/sif
- https://github.com/liamg/liamg
- https://github.com/liamg/traitor
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/logit507/logit507
- https://github.com/logm1lo/CVE-2022-0847_DirtyPipe_Exploits
- https://github.com/lonnyzhang423/github-hot-hub
- https://github.com/lucksec/CVE-2022-0847
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/manas3c/CVE-POC
- https://github.com/marksowell/my-stars
- https://github.com/marksowell/starred
- https://github.com/marksowell/stars
- https://github.com/merlinepedra/TRAITOR
- https://github.com/merlinepedra25/TRAITOR
- https://github.com/mhanief/dirtypipe
- https://github.com/michaelklaan/CVE-2022-0847-Dirty-Pipe
- https://github.com/mrchucu1/CVE-2022-0847-Docker
- https://github.com/murchie85/twitterCyberMonitor
- https://github.com/mutur4/CVE-2022-0847
- https://github.com/n3rada/DirtyPipe
- https://github.com/nanaao/Dirtypipe-exploit
- https://github.com/nanaao/dirtyPipe-automaticRoot
- https://github.com/ndk06/linux-kernel-exploitation
- https://github.com/ndk191/linux-kernel-exploitation
- https://github.com/nidhi7598/linux-4.19.72_lib_CVE-2022-0847
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/notl0cal/dpipe
- https://github.com/notmariekondo/notmariekondo
- https://github.com/nu1l-ptr/CVE-2022-0847-Poc
- https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/oscpname/OSCP_cheat
- https://github.com/parkjunmin/CTI-Search-Criminalip-Search-Tool
- https://github.com/parth45/cheatsheet
- https://github.com/pashayogi/DirtyPipe
- https://github.com/pen4uin/awesome-cloud-native-security
- https://github.com/pen4uin/cloud-native-security
- https://github.com/pentestblogin/pentestblog-CVE-2022-0847
- https://github.com/peterspbr/dirty-pipe-otw
- https://github.com/phuonguno98/CVE-2022-0847-DirtyPipe-Exploits
- https://github.com/pipiscrew/timeline
- https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847
- https://github.com/polygraphene/DirtyPipe-Android
- https://github.com/promise2k/OSCP
- https://github.com/puckiestyle/CVE-2022-0847
- https://github.com/qqdagustian/CVE_2022_0847
- https://github.com/qwert419/linux-
- https://github.com/r1is/CVE-2022-0847
- https://github.com/rahul1406/cve-2022-0847dirtypipe-exploit
- https://github.com/raohemanth/cybersec-dirty-pipe-vulnerability
- https://github.com/realbatuhan/dirtypipetester
- https://github.com/revanmalang/OSCP
- https://github.com/rexpository/linux-privilege-escalation
- https://github.com/s3mPr1linux/CVE_2022_0847
- https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847
- https://github.com/sarthakpriyadarshi/Obsidian-OSCP-Notes
- https://github.com/sarutobi12/sarutobi12
- https://github.com/scopion/dirty-pipe
- https://github.com/si1ent-le/CVE-2022-0847
- https://github.com/siberiah0h/CVE-CNVD-HUB
- https://github.com/siegfrkn/CSCI5403_CVE20220847_Detection
- https://github.com/smile-e3/vehicle-kernel-exploit
- https://github.com/solomon12354/CVE-2022-0847-Dirty_Pipe_virus
- https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus
- https://github.com/soosmile/POC
- https://github.com/source-xu/docker-vuls
- https://github.com/ssr-111/linux-kernel-exploitation
- https://github.com/stefanoleggio/dirty-pipe-cola
- https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/talent-x90c/cve_list
- https://github.com/tanjiti/sec_profile
- https://github.com/teamssix/container-escape-check
- https://github.com/terabitSec/dirtyPipe-automaticRoot
- https://github.com/theo-goetzinger/TP_be_root
- https://github.com/thesakibrahman/THM-Free-Room
- https://github.com/tiann/DirtyPipeRoot
- https://github.com/tmoneypenny/CVE-2022-0847
- https://github.com/tnishiox/kernelcare-playground
- https://github.com/trhacknon/CVE-2022-0847-DirtyPipe-Exploit
- https://github.com/trhacknon/Pocingit
- https://github.com/trhacknon/dirtypipez-exploit
- https://github.com/tstromberg/ioc-bench
- https://github.com/tstromberg/ttp-bench
- https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc
- https://github.com/txuswashere/OSCP
- https://github.com/uhub/awesome-c
- https://github.com/ukmihiran/Rubber_Ducky_Payloads
- https://github.com/veritas501/pipe-primitive
- https://github.com/versatilexec/CVE_2022_0847
- https://github.com/vknc/vknc.github.io
- https://github.com/wechicken456/Linux-kernel
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoami-chmod777/Hacking-Articles-Linux-Privilege-Escalation-
- https://github.com/whoforget/CVE-POC
- https://github.com/wkhnh06/linux-kernel-exploitation
- https://github.com/wpressly/exploitations
- https://github.com/x90hack/vulnerabilty_lab
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/xhref/OSCP
- https://github.com/xnderLAN/CVE-2022-0847
- https://github.com/xndpxs/CVE-2022-0847
- https://github.com/xsudoxx/OSCP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape
- https://github.com/youwizard/CVE-POC
- https://github.com/z3dc0ps/awesome-linux-exploits
- https://github.com/zecool/cve
- https://github.com/zzcentury/PublicExploitation