New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-0847 (The Dirty Pipe Vulnerability) #1118
Comments
From https://dirtypipe.cm4all.com/:
Latest kernel in Fedora is kernel-5.16.12-200.fc35 which should have the fix. |
We should probably do an async testing release. |
This will bump the kernel from 5.15.18 to 5.16.12 which could introduce regressions. |
yes. and we should be able to bump the kernel now that https://gitlab.com/cki-project/kernel-ark/-/commit/ce338c425415d1e9623815d79bb88a98818f4157 landed (for #1066) |
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.6.11 and later. See coreos/fedora-coreos-tracker#1118
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.16.11 and later. See coreos/fedora-coreos-tracker#1118
This kernel picks up the fix to CVE-2022-0847, which was included in kernels 5.16.11 and later. See coreos/fedora-coreos-tracker#1118
It turns out that https://gitlab.com/cki-project/kernel-ark/-/commit/ce338c425415d1e9623815d79bb88a98818f4157 didn't land in |
How do we prevent forks from closing issues? |
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
Should not you also send out a mail to that mailinglist once it is fixed? |
The fix for this went into |
The fix for this went into |
The fix for this went into |
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
This allows us to get the latest kernel-5.16.12-200.fc35. Moving to a kernel newer than 5.16.11 picks up the fix fo CVE-2022-0847. We're able to do this because the Fedora kernel maintainers agreed to again pick up a revert that allows us to not regress on some AWS instance types (coreos/fedora-coreos-tracker#1066). Closes coreos/fedora-coreos-tracker#1118
This is the first kernel with the most recent revert that allows us to not regress on some AWS instance types [1]. Because it is newer than 5.16.11 it also allows for us to pick up the fix to CVE-2022-0847 [2]. [1] coreos/fedora-coreos-tracker#1066 [2] coreos/fedora-coreos-tracker#1118
Describe the bug
Tracking issue for CVE-2022-0847 (The Dirty Pipe Vulnerability).
References:
This impacts containers too: https://blog.aquasec.com/cve-2022-0847-dirty-pipe-linux-vulnerability
The text was updated successfully, but these errors were encountered: