PT-2022-1533 · Linux+10 · Linux Kernel+10
Kevin Wang +1 · Published 2022-01-20 · Updated 2026-06-02 · CVE-2022-0492
CVSS v3.1: 8.8 High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions 2.6.24 through 4.9.300
Linux Kernel versions 4.14.0 through 4.14.265
Linux Kernel versions 4.19.0 through 4.19.228
Linux Kernel versions 5.4.0 through 5.4.176
Linux Kernel versions 5.10.0 through 5.10.96
Linux Kernel versions 5.15.0 through 5.15.25
Linux Kernel versions 5.16.0 through 5.16.11
Description
A flaw exists in the cgroup release agent write function within the kernel/cgroup/cgroup-v1.c file of the Linux kernel. It stems from a lack of privilege control when configuring the release agent feature of cgroups v1 (Control Groups v1), the Linux feature used to limit, account for, and isolate resource usage for sets of processes. Under certain circumstances, this allows an attacker to bypass namespace isolation, escape from an isolated container, and escalate privileges to root on the host system. The issue has been actively exploited in real-world incidents to achieve container escapes and lateral movement to host systems.
Recommendations
Update the Linux Kernel to versions 4.9.301, 4.14.266, 4.19.229, 5.4.177, 5.10.97, 5.15.26, or 5.16.12.
Enable AppArmor or SELinux to prevent container escape.
Enable Seccomp to mitigate the risk of exploitation.
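A defender-side check for the version ranges and mitigations listed above, as an added example that is not part of the original advisory: it classifies a kernel release string against the listed fixed releases and reports the LSM and seccomp state of the current process. The function names are hypothetical and GNU `sort -V` is assumed.

```shell
#!/bin/sh
# Added example (not from the advisory): compare a kernel release string with
# the affected ranges and fixed releases listed above for CVE-2022-0492.
# Assumes GNU `sort -V`; function names are hypothetical.

# Fixed release for each stable series named in the Recommendations.
fixed_for_series() {
  case "$1" in
    4.9) echo 4.9.301 ;;   4.14) echo 4.14.266 ;; 4.19) echo 4.19.229 ;;
    5.4) echo 5.4.177 ;;   5.10) echo 5.10.97 ;;  5.15) echo 5.15.26 ;;
    5.16) echo 5.16.12 ;;
  esac
}

# version_lt A B: succeeds when A sorts strictly before B.
version_lt() {
  [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# classify_kernel RELEASE: prints affected, fixed or unlisted.
classify_kernel() {
  ver="${1%%[-+]*}"                      # 5.15.0-91-generic -> 5.15.0
  series="$(printf '%s' "$ver" | cut -d. -f1,2)"
  # First listed range is contiguous: 2.6.24 through 4.9.300.
  if ! version_lt "$ver" 2.6.24 && version_lt "$ver" 4.9.301; then
    echo affected; return 0
  fi
  fixed="$(fixed_for_series "$series")"
  if [ -z "$fixed" ]; then
    echo unlisted                        # series not covered by this advisory
  elif version_lt "$ver" "$fixed"; then
    echo affected
  else
    echo fixed
  fi
}

# mitigation_report: show the LSM and seccomp state seen by this process.
mitigation_report() {
  echo "LSMs: $(cat /sys/kernel/security/lsm 2>/dev/null || echo unknown)"
  echo "Seccomp: $(awk '/^Seccomp:/ {print $2}' /proc/self/status 2>/dev/null)"
}

rel="${1:-$(uname -r)}"
echo "$rel: $(classify_kernel "$rel")"
mitigation_report
```

Distribution kernels often carry backported fixes under an older version number, so the result describes upstream version numbers only and should be confirmed against the vendor's advisory. Run `mitigation_report` inside the container to see the seccomp mode (0 disabled, 1 strict, 2 filter) that applies to its processes.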
Exploit
Fix
DoS
LPE
Missing Authorization
Improper Authentication
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu