What is the CVSS score of CVE-2022-0847?

CVE-2022-0847 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 82.7%.

Which versions of Linux Kernel are affected by CVE-2022-0847?

Organizations using A flaw face notable risk from CVE-2022-0847 rated CVSS 7.8. Exploitation could compromise the security of affected deployments.. A patch is available.

Is there a public PoC exploit available for CVE-2022-0847?

Yes, a public proof-of-concept exploit is available for CVE-2022-0847. Prioritise patching immediately. EPSS: 82.7%.

How to fix or mitigate CVE-2022-0847?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Vendor patch is available.

Linux Kernel CVE-2022-0847

HIGH

Improper Initialization (CWE-665)

2022-03-10 secalert@redhat.com

Linux Kernel

7.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.8 HIGH

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 26, 2026 - 11:19 vuln.today

Added to CISA KEV

Nov 06, 2025 - 14:50 cisa

CISA KEV

PoC Detected

Nov 06, 2025 - 14:50 vuln.today

Public exploit code

Patch released

Nov 06, 2025 - 14:50 nvd

Patch available

CVE Published

Mar 10, 2022 - 17:44 nvd

HIGH 7.8

DescriptionCVE.org

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

AnalysisAI

Linux kernel contains a flaw known as 'Dirty Pipe' where improper pipe buffer flag initialization allows unprivileged local users to overwrite read-only files, enabling trivial privilege escalation to root on Linux 5.8+.

Technical ContextAI

The CWE-665 improper initialization in copy_page_to_iter_pipe and push_pipe leaves the PIPE_BUF_FLAG_CAN_MERGE flag set on newly allocated pipe buffers. When a pipe is spliced from a file, subsequent writes to the pipe overwrite the page cache of the source file, even if the file is read-only (owned by root with 0644 permissions).

Affected ProductsAI

Linux kernel 5.8 through 5.16.10 Linux kernel 5.15.x before 5.15.25 Android 12 (kernel 5.10+)

RemediationAI

Update Linux kernel to 5.16.11, 5.15.25, or 5.10.102+. For Android, apply the March 2022 security patch. Container environments must update the host kernel. Monitor for /etc/passwd and /etc/shadow modification attempts.

CVE-2022-0847 vulnerability details – vuln.today

Back

Linux Kernel CVE-2022-0847

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code