CVE-2022-0492
Severity
7.8HIGH
EPSS
5.1%
top 10.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 3
Latest updateJan 15
Description
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages27 packages
Also affects: Debian Linux 10.0, 11.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04, 22.04, Enterprise Linux 8.0, 8.2, 8.1, Fedora 35
Patches
🔴Vulnerability Details
10OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-hwe, linux-gcp, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2022-03-22