CVE-2022-0847 (The Dirty Pipe Vulnerability) #1118
Comments
|
From https://dirtypipe.cm4all.com/:
Latest kernel in Fedora is kernel-5.16.12-200.fc35 which should have the fix. |
|
We should probably do an async testing release. |
travier
added
priority/high
status/pending-testing-release
|
This will bump the kernel from 5.15.18 to 5.16.12 which could introduce regressions. |
yes. and we should be able to bump the kernel now that https://gitlab.com/cki-project/kernel-ark/-/commit/ce338c425415d1e9623815d79bb88a98818f4157 landed (for #1066) |
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 8, 2022
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 8, 2022
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.6.11 and later. See coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 8, 2022
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.16.11 and later. See coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 8, 2022
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.16.11 and later. See coreos/fedora-coreos-tracker#1118
|
It turns out that https://gitlab.com/cki-project/kernel-ark/-/commit/ce338c425415d1e9623815d79bb88a98818f4157 didn't land in |
|
How do we prevent forks from closing issues? |
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to dustymabe/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to coreos/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to coreos/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to coreos/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
dustymabe
added a commit
to coreos/fedora-coreos-config
that referenced
this issue
Mar 9, 2022
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
|
Should not you also send out a mail to that mailinglist once it is fixed? |
|
The fix for this went into |
|
The fix for this went into |
dustymabe
added
status/pending-stable-release
|
The fix for this went into |
dustymabe
removed
the
status/pending-stable-release
HuijingHei
pushed a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Oct 10, 2023
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
HuijingHei
pushed a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Oct 10, 2023
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
HuijingHei
pushed a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Oct 10, 2023
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
HuijingHei
pushed a commit
to HuijingHei/fedora-coreos-config
that referenced
this issue
Oct 10, 2023
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Tracking issue for CVE-2022-0847 (The Dirty Pipe Vulnerability).
References:
This impacts containers too: https://blog.aquasec.com/cve-2022-0847-dirty-pipe-linux-vulnerability
The text was updated successfully, but these errors were encountered: