ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

CVE-2022-0847: kernel: improper initialization of the "flags" member of the new pipe_buffer


Article ID: 237377


Updated On:


CA Spectrum DX NetOps DX NetOps Insights CA Performance Management - Usage and Administration CA Network Flow Analysis (NetQos / NFA)


A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.

An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.


RedHat Enterprise Linux 8.x


RedHat Enterprise Linux 6 and 7 are not affected by this vulnerability.

This is a kernel level vulnerability.  Thus DX Netops products are not affected by it or by updating to the proper kernel level to resolve the vulnerability.

kernel 5.17-rc6 resolves this problem.

Additional Information