CVE-2022-0492
HIGH 7.8
Description
A vulnerability was found in the Linux kernel's cgroup_release_agent_write function in kernel/cgroup/cgroup-v1.c. Under certain circumstances, this flaw allows the cgroups v1 release_agent feature to be used to escalate privileges and unexpectedly bypass namespace isolation.
CVE Details
CVSS v3.1 Score: 7.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: LOCAL
Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Published: 3/3/2022
Last Modified: 11/21/2024
Source: nvd
Honeypot Sightings: 0
Affected Products
canonical:ubuntu_linux
debian:debian_linux
fedoraproject:fedora
linux:linux_kernel
netapp:h300e
netapp:h300s
netapp:h410c
netapp:h410s
netapp:h500e
netapp:h500s
netapp:h700e
netapp:h700s
netapp:hci_compute_node
netapp:solidfire\,_enterprise_sds_\&_hci_storage_node
netapp:solidfire_\&_hci_management_node
redhat:codeready_linux_builder
redhat:codeready_linux_builder_for_power_little_endian
redhat:enterprise_linux
redhat:enterprise_linux_eus
redhat:enterprise_linux_for_ibm_z_systems
redhat:enterprise_linux_for_ibm_z_systems_eus
redhat:enterprise_linux_for_power_little_endian
redhat:enterprise_linux_for_power_little_endian_eus
redhat:enterprise_linux_for_real_time_for_nfv_tus
redhat:enterprise_linux_for_real_time_tus
redhat:enterprise_linux_server_aus
redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
redhat:enterprise_linux_server_tus
redhat:enterprise_linux_server_update_services_for_sap_solutions
redhat:virtualization_host
Weaknesses (CWE)
CWE-287
CWE-862
References
http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html (secalert@redhat.com)
http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html (secalert@redhat.com)
http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html (secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=2051505 (secalert@redhat.com)
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af (secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html (secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html (secalert@redhat.com)
https://security.netapp.com/advisory/ntap-20220419-0002/ (secalert@redhat.com)
https://www.debian.org/security/2022/dsa-5095 (secalert@redhat.com)
https://www.debian.org/security/2022/dsa-5096 (secalert@redhat.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.