VDB
WID-SEC-W-2022-0515
WID-SEC-W-2022-0515
PUBLISHED
CVSS 8.699999809265137 HIGH
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM Spectrum Protect 8.1 | ||
| IBM Spectrum Protect 10.1 | ||
| Ubuntu Linux | ||
| Amazon Linux 2 |
Exploit Intelligence
- Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites. (github-poc-repo)
- Working Dirty Pipe (CVE-2022-0847) exploit tool with root access and file overwrites. (github-poc)
- t1ckprivate/CVE-2022-0847-Dirty-Pipe (github-poc)
- CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸 (github-poc)
- CVE-2022-0492-Container-Escape (github-poc)
- t1ckprivate/CVE-2022-0847-Dirty-Pipe (github-poc-repo)
- CVE-2022-0847 used to achieve container escape 利用CVE-2022-0847 (Dirty Pipe) 实现容器逃逸 (github-poc-repo)
- CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞(Dirty Cow),但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe” (github-poc-repo)
- CVE-2021-4154 exploit (github-poc-repo)
- CVE-2021-4154 (github-poc-repo)
…and 237 more exploits
Timeline
- Jun 29, 2022 CVE Published
- Jun 8, 2023 CVE Updated
- Dec 27, 2024 PoC Published
- Feb 13, 2025 PoC Published
- Mar 28, 2025 PoC Published
- May 12, 2025 PoC Published
- Apr 2, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0515.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0515 advisory
- https://ubuntu.com/security/notices/USN-6151-1 url
- https://www.cybersecurity-help.cz/vdb/SB2023032948 url
- https://www.ibm.com/support/pages/node/6596399 url
- https://www.ibm.com/support/pages/node/6596907 url
- https://www.ibm.com/support/pages/node/6596881 url
- https://www.ibm.com/support/pages/node/6596741 url
- https://www.ibm.com/support/pages/node/6596883 url
- https://www.ibm.com/support/pages/node/6596971 url
- https://www.ibm.com/support/pages/node/6596895 url
- https://www.ibm.com/support/pages/node/6596379 url
- https://www.ibm.com/support/pages/node/6596877 url
- https://www.ibm.com/support/pages/node/6596875 url
- https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-027.html url
- https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-029.html url
- https://www.ibm.com/blogs/psirt/security-bulletin-information-disclosure-and-denial-of-service-vulnerabilities-in-the-ibm-spectrum-protect-backup-archive-client-may-affect-ibm-spectrum-protect-for-space-management-cve-2022-22478/ url