CVE-2022-0492 | THREATINT

Description

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

PUBLISHED Reserved 2022-02-04 | Published 2022-03-03 | Updated 2026-06-02 | Assigner redhat

CISA Known Exploited Vulnerability

Date added 2026-06-02 | Due date 2026-06-05

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Problem types

CWE-287

References

bugzilla.redhat.com/show_bug.cgi?id=2051505

git.kernel.org/...d=24f6008564183aa120d07c03d9289519c2fe02af

lists.debian.org/debian-lts-announce/2022/03/msg00011.html ([debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update) mailing-list

lists.debian.org/debian-lts-announce/2022/03/msg00012.html ([debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update) mailing-list

www.debian.org/security/2022/dsa-5095 (DSA-5095) vendor-advisory

www.debian.org/security/2022/dsa-5096 (DSA-5096) vendor-advisory

packetstormsecurity.com/...h-Security-Notice-LSN-0085-1.html

security.netapp.com/advisory/ntap-20220419-0002/

packetstormsecurity.com/...h-Security-Notice-LSN-0086-1.html

packetstormsecurity.com/...ker-cgroups-Container-Escape.html

www.cisa.gov/...nerabilities-catalog?field_cve=CVE-2022-0492 (CISA KEV) government-resource