CVE-2022-0492
Published on: Not Yet Published
Last Modified on: 05/12/2023 12:59:00 PM UTC
Certain versions of Ubuntu Linux from Canonical contain the following vulnerability:
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write function in kernel/cgroup/cgroup-v1.c. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
- CVE-2022-0492 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector | Attack Complexity | Privileges Required | User Interaction |
---|---|---|---|
LOCAL | LOW | LOW | NONE |

Scope | Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|---|
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 6.9 - MEDIUM
Access Vector | Access Complexity | Authentication |
---|---|---|
LOCAL | MEDIUM | NONE |

Confidentiality Impact | Integrity Impact | Availability Impact |
---|---|---|
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags | Link |
---|---|---|
[SECURITY] [DLA 2941-1] linux-4.19 security update | | lists.debian.org text/html |
[SECURITY] [DLA 2940-1] linux security update | | lists.debian.org text/html |
2051505 – (CVE-2022-0492) CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation | | bugzilla.redhat.com text/html |
Debian -- Security Information -- DSA-5095-1 linux | | www.debian.org Depreciated Link text/html |
CVE-2022-0492 Linux Kernel Vulnerability in NetApp Products \| NetApp Product Security | | security.netapp.com text/html |
Kernel Live Patch Security Notice LSN-0085-1 ≈ Packet Storm | | packetstormsecurity.com text/html |
Kernel Live Patch Security Notice LSN-0086-1 ≈ Packet Storm | | packetstormsecurity.com text/html |
Debian -- Security Information -- DSA-5096-1 linux | | www.debian.org Depreciated Link text/html |
kernel/git/torvalds/linux.git - Linux kernel source tree | | git.kernel.org text/html |
Related QID Numbers
- 159639 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2022-9141)
- 159640 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2022-9142)
- 159641 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2022-9147)
- 159642 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2022-9148)
- 159653 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9179)
- 159671 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9180)
- 159700 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-0825)
- 159727 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9245)
- 159729 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9244)
- 159760 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9314)
- 159763 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9313)
- 159846 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-4642)
- 160012 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9667)
- 160089 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-9781)
- 179115 Debian Security Update for linux (DSA 5095-1)
- 179117 Debian Security Update for linux (DSA 5096-1)
- 179118 Debian Security Update for linux (DLA 2940-1)
- 179119 Debian Security Update for linux-4.19 (DLA 2941-1)
- 198672 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5302-1)
- 198707 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5339-1)
- 198708 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5337-1)
- 198709 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5338-1)
- 198728 Ubuntu Security Notification for Linux kernel (Intel IOTG) Vulnerabilities (USN-5362-1)
- 198731 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5368-1)
- 198740 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-5377-1)
- 240125 Red Hat Update for kernel-rt (RHSA-2022:0821)
- 240128 Red Hat Update for kernel security (RHSA-2022:0825)
- 240129 Red Hat Update for kernel security (RHSA-2022:0820)
- 240130 Red Hat Update for kernel-rt (RHSA-2022:0819)
- 240144 Red Hat Update for kpatch-patch (RHSA-2022:0849)
- 240154 Red Hat Update for kpatch-patch (RHSA-2022:0925)
- 240220 Red Hat Update for kernel-rt (RHSA-2022:1413)
- 240221 Red Hat Update for kpatch-patch (RHSA-2022:1418)
- 240224 Red Hat Update for kernel security (RHSA-2022:1455)
- 240352 Red Hat Update for kpatch-patch (RHSA-2022:4655)
- 240355 Red Hat Update for kernel-rt (RHSA-2022:4644)
- 240356 Red Hat Update for kernel (RHSA-2022:4642)
- 240418 Red Hat Update for kpatch-patch (RHSA-2022:0851)
- 257171 CentOS Security Update for kernel (CESA-2022:4642)
- 353160 Amazon Linux Security Advisory for kernel : ALAS2-2022-1749
- 353161 Amazon Linux Security Advisory for kernel : ALAS-2022-1563
- 353165 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-022
- 353166 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-010
- 353242 Amazon Linux Security Advisory for kernel : ALAC2012-2022-036
- 353243 Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2022-037
- 353244 Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2022-038
- 354304 Amazon Linux Security Advisory for kernel : ALAS2022-2022-024
- 354468 Amazon Linux Security Advisory for kernel : ALAS2022-2022-185
- 354542 Amazon Linux Security Advisory for kernel : ALAS-2022-185
- 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
- 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
- 377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
- 377703 F5 BIG-IP Linux kernel vulnerability cve-2022-0492 (K54724312)
- 390264 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0021)
- 610418 Google Pixel Android June 2022 Security Patch Missing
- 610422 Google Android July 2022 Security Patch Missing for Huawei EMUI
- 671441 EulerOS Security Update for kernel (EulerOS-SA-2022-1366)
- 671561 EulerOS Security Update for kernel (EulerOS-SA-2022-1523)
- 671703 EulerOS Security Update for kernel (EulerOS-SA-2022-1735)
- 671723 EulerOS Security Update for kernel (EulerOS-SA-2022-1780)
- 671724 EulerOS Security Update for kernel (EulerOS-SA-2022-1779)
- 671726 EulerOS Security Update for kernel (EulerOS-SA-2022-1782)
- 671727 EulerOS Security Update for kernel (EulerOS-SA-2022-1781)
- 751831 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0768-1)
- 751832 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0765-1)
- 751833 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0757-1)
- 751835 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0767-1)
- 751836 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0759-1)
- 751837 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0762-1)
- 751838 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0766-1)
- 751851 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0768-1)
- 751852 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0755-1)
- 751853 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0760-1)
- 751939 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (SUSE-SU-2022:1012-1)
- 751950 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 42 for SLE 12 SP3) (SUSE-SU-2022:1036-1)
- 751999 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0760-1)
- 753086 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0755-1)
- 753132 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (SUSE-SU-2022:0978-1)
- 753285 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP2) (SUSE-SU-2022:1035-1)
- 753300 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (SUSE-SU-2022:0991-1)
- 753327 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (SUSE-SU-2022:0998-1)
- 753348 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1038-1)
- 753373 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1257-1)
- 753441 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:14905-1)
- 753487 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (SUSE-SU-2022:0984-1)
- 900744 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8945)
- 901650 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8966-1)
- 906094 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8945-1)
- 906425 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8966-2)
- 940463 AlmaLinux Security Update for kernel (ALSA-2022:0825)
- 960113 Rocky Linux Security Update for kernel-rt (RLSA-2022:819)
- 960116 Rocky Linux Security Update for kernel (RLSA-2022:825)
- 960782 Rocky Linux Security Update for kernel-rt (RLSA-2022:0819)
- 960805 Rocky Linux Security Update for kernel (RLSA-2022:0825)
Exploit/POC from Github
CVE-2022-0492 EXP and Analysis write up
Known Affected Configurations (CPE V2.3)
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*:
- cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*:
- cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*:
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE