CVE-2022-0492

HIGH

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

CVSS v3.1 Score

7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Complexity
LOW
Privileges
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 3/3/2022Modified: 6/17/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (21)

http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.htmlThird Party AdvisoryVDB Entryhttp://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.htmlThird Party AdvisoryVDB Entryhttp://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.htmlExploitVDB Entryhttps://bugzilla.redhat.com/show_bug.cgi?id=2051505Issue TrackingPatchhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02afPatchVendor Advisoryhttps://lists.debian.org/debian-lts-announce/2022/03/msg00011.htmlMailing ListThird Party Advisoryhttps://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlMailing ListThird Party Advisoryhttps://security.netapp.com/advisory/ntap-20220419-0002/Third Party Advisoryhttps://www.debian.org/security/2022/dsa-5095Third Party Advisoryhttps://www.debian.org/security/2022/dsa-5096Third Party Advisoryhttp://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.htmlThird Party AdvisoryVDB Entryhttp://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.htmlThird Party AdvisoryVDB Entryhttp://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.htmlExploitVDB Entryhttps://bugzilla.redhat.com/show_bug.cgi?id=2051505Issue TrackingPatchhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02afPatchVendor Advisoryhttps://lists.debian.org/debian-lts-announce/2022/03/msg00011.htmlMailing ListThird Party Advisoryhttps://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlMailing ListThird Party Advisoryhttps://security.netapp.com/advisory/ntap-20220419-0002/Third Party Advisoryhttps://www.debian.org/security/2022/dsa-5095Third Party Advisoryhttps://www.debian.org/security/2022/dsa-5096Third Party Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0492US Government Resource