vulnerability

VMware Photon OS: CVE-2022-0847

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Mar 7, 2022	Jan 20, 2025	Feb 9, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Mar 7, 2022

Added

Jan 20, 2025

Modified

Feb 9, 2026

Description

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

Solution

vmware-photon_os_update_tdnf

References

CVE-2022-0847
https://attackerkb.com/topics/CVE-2022-0847
CWE-665

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today