A new Linux vulnerability was discovered CVE-2022-0847, aka Dirty Pipe in Linux kernel.
CVE-2022-0847 is a vulnerability in the Linux kernel since v.5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.
Successful exploitation could allow an attacker/hackers with local access to overwrite data in arbitrary read-only files. Attackers can abuse this overwrite flaw to escalate privileges and inject code from unprivileged processes to privileged processes.
Impact on the listed Barco products:
Barco is currently analyzing the impact on our Linux based products. This issue is not applicable for all our Microsoft Windows based systems.
As the investigation continues, information will be updated here.
| Product | Status |
| ClickShare (Base Units, Buttons, and Apps) | Not affected |
| XMS Cloud | Not affected |
| XMS Edge |
Not affected |
| CMGS | Not affected |
| TransForm N (TFN) | Not affected |
| OpSpace | Not affected |
| SecureStream (Discontinued) | Not affected |
| Video Wall Management suite (Cloud)? | Not affected |
| Video Wall Manager (on-prem) | Not affected |
| Green Barco Wall Control Manager (gBCM) | Not affected |
| Infinipix | Not affected |
| weConnect | Not affected |
| wePresent | Not affected |
| Overture | Not affected |
