CVE-2022-0492
Summary
| CVE | CVE-2022-0492 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-03 19:15:08 UTC |
| Updated | 2026-06-02 17:16:21 UTC |
| Description | A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. |
Risk And Classification
Primary CVSS: v3.1 7.8 HIGH from [email protected]
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA KEV: Listed on 2026-06-02; due 2026-06-05; ransomware use Unknown
Problem Types: CWE-287 | CWE-862 | CWE-287 CWE-287
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | [email protected] | Primary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | ADP | DECLARED | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 | Secondary | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C |
CVSS v3.1 Breakdown
Attack Vector
LocalAttack Complexity
LowPrivileges Required
LowUser Interaction
NoneScope
UnchangedConfidentiality
HighIntegrity
HighAvailability
HighCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
MediumAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:L/AC:M/Au:N/C:C/I:C/A:C
CISA Known Exploited Vulnerability
| Vendor | Linux |
|---|---|
| Product | Kernel |
| Name | Linux Kernel Improper Authentication Vulnerability |
| Required Action | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| Notes | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af ; https://www.kernel.org/ ; https://nvd.nist.gov/vuln/detail/CVE-2022-0492 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Debian -- Security Information -- DSA-5096-1 linux | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| [SECURITY] [DLA 2940-1] linux security update | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | Mailing List, Third Party Advisory |
| packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html | af854a3a-2127-422b-91ae-364da2661108 | packetstormsecurity.com | |
| CVE-2022-0492 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | af854a3a-2127-422b-91ae-364da2661108 | security.netapp.com | Third Party Advisory |
| Debian -- Security Information -- DSA-5095-1 linux | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | Third Party Advisory |
| kernel/git/torvalds/linux.git - Linux kernel source tree | af854a3a-2127-422b-91ae-364da2661108 | git.kernel.org | Patch, Vendor Advisory |
| [SECURITY] [DLA 2941-1] linux-4.19 security update | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | Mailing List, Third Party Advisory |
| Kernel Live Patch Security Notice LSN-0085-1 ≈ Packet Storm | af854a3a-2127-422b-91ae-364da2661108 | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| Kernel Live Patch Security Notice LSN-0086-1 ≈ Packet Storm | af854a3a-2127-422b-91ae-364da2661108 | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| 2051505 – (CVE-2022-0492) CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | Issue Tracking, Patch, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159639 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2022-9141)
- 159640 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2022-9142)
- 159641 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2022-9147)
- 159642 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2022-9148)
- 159653 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9179)
- 159671 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9180)
- 159700 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-0825)
- 159727 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9245)
- 159729 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9244)
- 159760 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2022-9314)
- 159763 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9313)
- 159846 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-4642)
- 160012 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2022-9667)
- 160089 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-9781)
- 179115 Debian Security Update for linux (DSA 5095-1)
- 179117 Debian Security Update for linux (DSA 5096-1)
- 179118 Debian Security Update for linux (DLA 2940-1)
- 179119 Debian Security Update for linux-4.19 (DLA 2941-1)
- 184521 Debian Security Update for linux (CVE-2022-0492)
- 198672 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5302-1)
- 198707 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5339-1)
- 198708 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5337-1)
- 198709 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5338-1)
- 198728 Ubuntu Security Notification for Linux kernel (Intel IOTG) Vulnerabilities (USN-5362-1)
- 198731 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5368-1)
- 198740 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-5377-1)
- 240125 Red Hat Update for kernel-rt (RHSA-2022:0821)
- 240128 Red Hat Update for kernel security (RHSA-2022:0825)
- 240129 Red Hat Update for kernel security (RHSA-2022:0820)
- 240130 Red Hat Update for kernel-rt (RHSA-2022:0819)
- 240144 Red Hat Update for kpatch-patch (RHSA-2022:0849)
- 240154 Red Hat Update for kpatch-patch (RHSA-2022:0925)
- 240220 Red Hat Update for kernel-rt (RHSA-2022:1413)
- 240221 Red Hat Update for kpatch-patch (RHSA-2022:1418)
- 240224 Red Hat Update for kernel security (RHSA-2022:1455)
- 240352 Red Hat Update for kpatch-patch (RHSA-2022:4655)
- 240355 Red Hat Update for kernel-rt (RHSA-2022:4644)
- 240356 Red Hat Update for kernel (RHSA-2022:4642)
- 240418 Red Hat Update for kpatch-patch (RHSA-2022:0851)
- 257171 CentOS Security Update for kernel (CESA-2022:4642)
- 353160 Amazon Linux Security Advisory for kernel : ALAS2-2022-1749
- 353161 Amazon Linux Security Advisory for kernel : ALAS-2022-1563
- 353165 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-022
- 353166 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-010
- 353242 Amazon Linux Security Advisory for kernel : ALAC2012-2022-036
- 353243 Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2022-037
- 353244 Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2022-038
- 354304 Amazon Linux Security Advisory for kernel : ALAS2022-2022-024
- 354468 Amazon Linux Security Advisory for kernel : ALAS2022-2022-185
- 354542 Amazon Linux Security Advisory for kernel : ALAS-2022-185
- 355199 Amazon Linux Security Advisory for kernel : ALAS2023-2023-070
- 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
- 377124 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0029)
- 377703 F5 BIG-IP Linux kernel vulnerability cve-2022-0492 (K54724312)
- 390264 Oracle VM Server for x86 Security Update for kernel (OVMSA-2022-0021)
- 610418 Google Pixel Android June 2022 Security Patch Missing
- 610422 Google Android July 2022 Security Patch Missing for Huawei EMUI
- 6140405 AWS Bottlerocket Security Update for kernel (GHSA-cc3r-wh87-c924)
- 671441 EulerOS Security Update for kernel (EulerOS-SA-2022-1366)
- 671561 EulerOS Security Update for kernel (EulerOS-SA-2022-1523)
- 671703 EulerOS Security Update for kernel (EulerOS-SA-2022-1735)
- 671723 EulerOS Security Update for kernel (EulerOS-SA-2022-1780)
- 671724 EulerOS Security Update for kernel (EulerOS-SA-2022-1779)
- 671726 EulerOS Security Update for kernel (EulerOS-SA-2022-1782)
- 671727 EulerOS Security Update for kernel (EulerOS-SA-2022-1781)
- 751831 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0768-1)
- 751832 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0765-1)
- 751833 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0757-1)
- 751835 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0767-1)
- 751836 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0759-1)
- 751837 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0762-1)
- 751838 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0766-1)
- 751851 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0768-1)
- 751852 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0755-1)
- 751853 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0760-1)
- 751939 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (SUSE-SU-2022:1012-1)
- 751950 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 42 for SLE 12 SP3) (SUSE-SU-2022:1036-1)
- 751999 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0760-1)
- 753086 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0755-1)
- 753132 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 2 for SLE 15 SP3) (SUSE-SU-2022:0978-1)
- 753285 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP2) (SUSE-SU-2022:1035-1)
- 753300 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (SUSE-SU-2022:0991-1)
- 753327 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (SUSE-SU-2022:0998-1)
- 753348 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1038-1)
- 753373 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:1257-1)
- 753441 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:14905-1)
- 753487 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 10 for SLE 15 SP3) (SUSE-SU-2022:0984-1)
- 900744 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8945)
- 901650 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8966-1)
- 906094 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8945-1)
- 906425 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (8966-2)
- 940463 AlmaLinux Security Update for kernel (ALSA-2022:0825)
- 960113 Rocky Linux Security Update for kernel-rt (RLSA-2022:819)
- 960116 Rocky Linux Security Update for kernel (RLSA-2022:825)
- 960782 Rocky Linux Security Update for kernel-rt (RLSA-2022:0819)
- 960805 Rocky Linux Security Update for kernel (RLSA-2022:0825)