CVE-2022-0492
7.8 HIGH
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function
Published: 2022-03-03 · Last updated: 2026-06-03
Severity and scoring
- CVSS: 7.8 HIGH
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE: CWE-287, CWE-862
Affected products
| Vendor | Product |
|---|---|
| canonical | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
| debian | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
| fedoraproject | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
| linux | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
| netapp | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
| redhat | bootstrap_os, codeready_linux_builder, codeready_linux_builder_for_power_little_endian |
Description
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
Source: NVD
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2022-0492
- [Other] http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
- [Other] http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html
- [Exploit reference] http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html
- [Patch] https://bugzilla.redhat.com/show_bug.cgi?id=2051505
- [Patch] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af
- [Other] https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
- [Other] https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- [Other] https://security.netapp.com/advisory/ntap-20220419-0002/
- [Other] https://www.debian.org/security/2022/dsa-5095
- [Other] https://www.debian.org/security/2022/dsa-5096
- [Other] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0492