Is CVE-2022-0847 actively exploited?

CVE-2022-0847 has no public evidence of in-the-wild exploitation as of 2025-11-06.

What is the CVSS score for CVE-2022-0847?

CVE-2022-0847 has a CVSS score of 7.8 (HIGH severity). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2022-0847?

Patch guidance is available from linux security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2022-0847.

Fix CVE-2022-0847 - HIGH linux linux kernel

Q: Which products are affected by CVE-2022-0847?

42 products: linux linux kernel, linux linux kernel, linux linux kernel, fedoraproject fedora, redhat enterprise linux, and 37 more.

Description

A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.

CVSS Metrics

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: local
Complexity: low
Privileges: low
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-665 CWE-665

Metadata

Primary Vendor: LINUX
Published: 3/10/2022
Last Modified: 11/6/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

linux : linux_kernellinux : linux_kernellinux : linux_kernelfedoraproject : fedoraredhat : enterprise_linuxredhat : enterprise_linux_eusredhat : enterprise_linux_eusredhat : enterprise_linux_for_ibm_z_systemsredhat : enterprise_linux_for_ibm_z_systems_eusredhat : enterprise_linux_for_ibm_z_systems_eusredhat : enterprise_linux_for_power_little_endianredhat : enterprise_linux_for_power_little_endian_eusredhat : enterprise_linux_for_power_little_endian_eusredhat : enterprise_linux_for_real_timeredhat : enterprise_linux_for_real_time_for_nfvredhat : enterprise_linux_for_real_time_for_nfv_tusredhat : enterprise_linux_for_real_time_for_nfv_tusredhat : enterprise_linux_for_real_time_tusredhat : enterprise_linux_for_real_time_tusredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_ausredhat : enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat : enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat : enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat : enterprise_linux_server_tusredhat : enterprise_linux_server_tusredhat : enterprise_linux_server_update_services_for_sap_solutionsredhat : enterprise_linux_server_update_services_for_sap_solutionsredhat : enterprise_linux_server_update_services_for_sap_solutionsredhat : codeready_linux_builderredhat : virtualization_hostovirt : ovirt-enginenetapp : h300s_firmwarenetapp : h500s_firmwarenetapp : h700s_firmwarenetapp : h300e_firmwarenetapp : h500e_firmwarenetapp : h700e_firmwarenetapp : h410s_firmwarenetapp : h410c_firmwaresiemens : scalance_lpe9403_firmwaresonicwall : sma1000_firmware

Remediation Guidance

Executive Summary

View on NIST NVD