Exploit for #VU61110 Use of uninitialized resource in Linux kernel

Vulnerability identifier: #VU61110

Vulnerability risk: Low

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2022-0847

CWE-ID: CWE-908

Exploitation vector: Local

Exploits in database: 75

• July 10, 2023
  • CVE-2022-0847-Exploit-Implementation (Using CVE-2022-0847, "Dirty Pipe Exploit", to pop a reverse bash shell for arbitrary code execution on a foreign machine.) [Github]
• June 22, 2023
  • dirty-pipe-poc (POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe Vulnerability) [Github]
• May 4, 2023
  • CVE-2022-0847 (Drity Pipe Linux Kernel 1-Day Exploit) [Github]
• April 27, 2023
  • CVE-2022-0847-container-escape (A simple exploit that uses dirtypipe to inject shellcode into runC entrypoint to implement container escapes.) [Github]
• April 19, 2023
  • cve-2022-0847dirtypipe-exploit () [Github]
• December 22, 2022
  • CVE-2022-0847 (CVE-2022-0847) [Github]
• November 23, 2022
  • linux- (修改版CVE-2022-0847) [Github]
• November 21, 2022
  • CSCI5403_CVE20220847_Detection () [Github]
• November 16, 2022
  • CVE-2022-0847-DirtyPipe-Exploits (A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.) [Github]
• September 19, 2022
  • CVE-2022-0847-DirtyPipe-Exploit () [Github]
• September 12, 2022
  • Dirty-Pipe-Exploits (CVE-2022-0847(Dirty Pipe) vulnerability exploits.) [Github]
• August 29, 2022
  • CVE-2022-0847-DirtyPipe-Container-Breakout (PoC Container Breakout for DirtyPipe Vulnerability CVE-2022-0847 ) [Github]
• August 24, 2022
  • CVE-2022-0847 () [Github]
• August 21, 2022
  • CVE-2022-0847-Container-Escape (CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸) [Github]
• August 14, 2022
  • CVE-2022-0847 (Modified dirtypipe script into auto root without have to search a file manually to hijack suid binary.) [Github]
• August 1, 2022
  • CVE-2022-0847-DirtyPipe-Exploits (COMPILED) [Github]
• July 7, 2022
  • dpipe (Proof-of-concept exploit for the Dirty Pipe vulnerability (CVE-2022-0847)) [Github]
• July 5, 2022
  • Dirty-Pipe (exp of CVE-2022-0847) [Github]
• June 30, 2022
  • CBDS_CVE-2022-0847_POC () [Github]
• June 29, 2022
  • CVE-2022-0847-DirtyPipe-Exploits (A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.) [Github]
• June 15, 2022
  • CVE-2022-0847-Container-Escape (CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸) [Github]
• June 8, 2022
  • CVE-2022-0847 (CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸) [Github]
• May 19, 2022
  • CVE-2022-0847 (CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞，可覆盖重写任意可读文件中的数据，从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞（Dirty Cow），但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”) [Github]
• May 13, 2022
  • Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe) [Exploit-DB]
• May 12, 2022
  • Dirty Pipe Local Privilege Escalation via CVE-2022-0847 [Metasploit]
• April 18, 2022
  • linux-privilege-escalation (Scripted Linux Privilege Escalation for the CVE-2022-0847 "Dirty Pipe" vulnerability) [Github]
• April 15, 2022
  • CVE-2022-0847-L-nux-PrivEsc () [Github]
• April 5, 2022
  • CVE-2022-0847_dirty-pipe (Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)) [Github]
• April 3, 2022
  • CVE-2022-0847 (Linux “Dirty Pipe” vulnerability gives unprivileged users root access) [Github]
• March 21, 2022
  • pwncat_dirtypipe (pwncat module that automatically exploits CVE-2022-0847 (dirtypipe)) [Github]
• March 20, 2022
  • CVE-2022-0847 (Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)) [Github]
• March 17, 2022
  • CVE-2022-0847_DirtyPipe_Exploits (A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.) [Github]
• March 16, 2022
  • DirtyPIPE-CVE-2022-0847 () [Github]
  • CVE-2022-0847-DirtyPipe-Exploits () [Github]
• March 15, 2022
  • CVE-2022-0847 () [Github]
  • dirty-pipe-poc (CVE-2022-0847 POC) [Github]
  • CVE-2022-0847-POC (dirtypipe) [Github]
  • CVE-2022-0847 (dirtypipe) [Github]
  • cve_2022_0847_shellcode (Implementation of CVE-2022-0847 as a shellcode) [Github]
• March 14, 2022
  • DirtyPipePython (A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell) [Github]
  • CVE-2022-0847 (my personal exploit of CVE-2022-0847(dirty pipe)) [Github]
  • Dirty-Pipe-CVE-2022-0847 (CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow.) [Github]
  • CVE-2022-0847-DirtyPipe-Exploits (A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.) [Github]
• March 10, 2022
  • CVE-2022-0847 (CVE-2022-0847 POC and Docker and Analysis write up) [Github]
  • CVE-2022-0847-Linux () [Github]
  • CVE-2022-0847-DirtyPipe-Exploit (CVE-2022-0847-DirtyPipe-Exploit) [Github]
  • dirtyPipe-automaticRoot (CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file.) [Github]
  • CVE-2022-0847 (A root exploit for CVE-2022-0847 (Dirty Pipe)) [Github]
• March 9, 2022
  • CVE-2022-0847-DirtyPipe-Exploit () [Github]
  • cve-2022-0847dirtypipe-exploit () [Github]
  • pentestblog-CVE-2022-0847 () [Github]
  • CVE-2022-0847 (Dirty Pipe POC) [Github]
  • CVE-2022-0847 () [Github]
  • CVE-2022-0847-DirtyPipe () [Github]
  • CVE-2022-0847_DirtyPipeExploit (A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can [Github]
  • CVE-2022-0847 (CVE-2022-0847) [Github]
• March 8, 2022
  • CVE-2022-0847 (CVE-2022-0487) [Github]
  • CVE-2022-0847-DirtyPipe-Exploit () [Github]
  • CVE-2022-0847-DirtyPipe-Exploit (A root exploit for CVE-2022-0847 (Dirty Pipe)) [Github]
  • CVE-2022-0847 () [Github]
  • CVE-2022-0847 (Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847.) [Github]
  • CVE-2022-0847-dirty-pipe-exploit (An exploit for CVE-2022-0847 dirty-pipe vulnerability) [Github]
  • CVE_2022_0847 (CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability) [Github]
  • CVE-2022-0847-Docker (Docker exploit) [Github]
  • CVE-2022-0847-dirty-pipe-checker (Bash script to check for CVE-2022-0847 "Dirty Pipe") [Github]
  • CVE-2022-0847 (CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞，可覆盖重写任意可读文件中的数据，从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞（Dirty Cow），但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”) [Github]
  • cve-2022-0847dirtypipe-exploit () [Github]
  • CVE-2022-0847 (CVE-2022-0847) [Github]
  • CVE-2022-0847 () [Github]
  • CVE-2022-0847 (CVE-2022-0847) [Github]
  • Dirty-Pipe (CVE-2022-0847 exploit one liner) [Github]
  • dirtypipez-exploit (CVE-2022-0847 DirtyPipe Exploit.) [Github]
  • dirty-pipe (Implementation of Max Kellermann's exploit for CVE-2022-0847) [Github]
  • CVE-2022-0847 (Vulnerability in the Linux kernel since 5.8) [Github]
  • CVE-2022-0847 (The Dirty Pipe Vulnerability) [Github]

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: