Rewterz Threat Update – Update on HermeticRansom Targeting Ukraine – Russian-Ukrainian Cyber Warfare
March 7, 2022Rewterz Threat Alert – FormBook Malware – Active IOCs
March 8, 2022Rewterz Threat Update – Update on HermeticRansom Targeting Ukraine – Russian-Ukrainian Cyber Warfare
March 7, 2022Rewterz Threat Alert – FormBook Malware – Active IOCs
March 8, 2022Severity
Medium
Analysis Summary
CVE-2022-0847
Linux Kernel could allow a locally authenticated attacker to gain elevated privileges on the system, caused by improper initialization in the copy_page_to_iter_pipe and push_pipe functions. By writing to pages in the page cache backed by read-only files, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-0847
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.10
- Linux Kernel 5.15
- Linux Kernel 5.16
Remediation
Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Web site.