Linux Kernel cgroups Vulnerability CVE-2022-0492
This is a high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary code on the container's host.
CVSS score: 7.0
Risk: Privilege escalation
The issue is a privilege escalation flaw in the Linux kernel feature called control groups, also known as cgroups version 1 (v1). This feature allows processes to be organized into hierarchical groups, making it possible to limit, account for, monitor, and isolate the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host.
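Because the flaw is in cgroups v1, a first triage step is to inventory which hosts or containers have v1 hierarchies mounted. The following is an added example, not taken from any of the advisories; it relies on the fact that v1 hierarchies appear in the mount table with filesystem type `cgroup` and the v2 unified hierarchy with type `cgroup2`, and the sample mount table and function names are constructed for illustration. Whether a given kernel is patched must still be checked against the distribution advisories.

```python
from pathlib import Path

# Constructed sample in /proc/self/mounts format (not from a real host).
SAMPLE_MOUNTS = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 rw,nosuid,nodev,noexec,relatime 0 0
cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup ro,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0
"""

# Generic mount flags, filtered out so only cgroup-specific options remain.
VFS_FLAGS = {"rw", "ro", "nosuid", "nodev", "noexec", "relatime",
             "noatime", "seclabel"}


def cgroup_mounts(mounts_text):
    """Return (v1, v2): v1 is a list of dicts, v2 a list of mount points."""
    v1, v2 = [], []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or malformed line
        mountpoint, fstype, opts = fields[1], fields[2], fields[3]
        if fstype == "cgroup":  # cgroup v1 hierarchy
            flags = opts.split(",")
            v1.append({
                "mountpoint": mountpoint,
                "writable": "rw" in flags,
                "cgroup_opts": [f for f in flags if f not in VFS_FLAGS],
            })
        elif fstype == "cgroup2":  # cgroup v2 unified hierarchy
            v2.append(mountpoint)
    return v1, v2


def classify(mounts_text):
    """Summarise the layout as 'v1', 'v2', 'hybrid' or 'none'."""
    v1, v2 = cgroup_mounts(mounts_text)
    if v1 and v2:
        return "hybrid"
    return "v1" if v1 else ("v2" if v2 else "none")


if __name__ == "__main__":
    path = Path("/proc/self/mounts")
    text = path.read_text() if path.exists() else SAMPLE_MOUNTS
    print("cgroup layout:", classify(text))
    for m in cgroup_mounts(text)[0]:
        print(m["mountpoint"], "rw" if m["writable"] else "ro", m["cgroup_opts"])
```

Run inside a container, this reports the cgroup mounts visible from that container's mount namespace rather than the host's.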
Linux distributions SUSE, Ubuntu, and Red Hat also published their own advisories.
Red Hat advisory: https://access.redhat.com/security/cve/cve-2022-0492
Ubuntu advisory: https://ubuntu.com/security/CVE-2022-0492
Debian: https://security-tracker.debian.org/tracker/CVE-2022-0492
SUSE: https://www.suse.com/security/cve/CVE-2022-0492.html