canonical ubuntu-linux CVE-2022-0492 vulnerability in Canonical and Other Products
Published on March 3, 2022

product logo product logo product logo product logo product logo product logo
A vulnerability was found in the Linux kernels cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Vendor Advisory Vendor Advisory NVD

Known Exploited Vulnerability

This Linux Kernel Improper Authentication Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.

The following remediation steps are recommended / required by June 5, 2026: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2022-0492 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2022-0492 has been classified to as an authentification vulnerability or weakness.


Products Associated with CVE-2022-0492

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-0492 are published in these products:

Canonical Ubuntu Linux
 
Linux Kernel
 
Debian Linux
 
Red Hat Virtualization Host
 
Red Hat Codeready Linux Builder
 
Red Hat Codeready Linux Builder Power Little Endian
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Enterprise Linux Eus
 
Red Hat Enterprise Linux Ibm Z Systems
 
Red Hat Enterprise Linux Ibm Z Systems Eus
 
Red Hat Enterprise Linux Power Little Endian
 
Red Hat Enterprise Linux Power Little Endian Eus
 
Red Hat Enterprise Linux Real Time Nfv Tus
 
Red Hat Enterprise Linux Real Time Tus
 
Red Hat Enterprise Linux Server Aus
 
Red Hat Enterprise Linux Server Power Little Endian Update Services Sap Solutions
 
Red Hat Enterprise Linux Server Tus
 
Red Hat Enterprise Linux Server Update Services Sap Solutions
 
Fedora Project Fedora
 
NetApp Solidfire Hci Management Node
 
NetApp Hci Compute Node
 
NetApp Baseboard Management Controller H410c
 
NetApp Solidfire Enterprise Sds Hci Storage Node
 
NetApp Baseboard Management Controller H300s
 
NetApp Baseboard Management Controller H500s
 
NetApp Baseboard Management Controller H700s
 
NetApp Baseboard Management Controller H300e
 
NetApp Baseboard Management Controller H500e
 
NetApp Baseboard Management Controller H700e
 
NetApp Baseboard Management Controller H410s
 
NetApp H300s
 
NetApp H500s
 
NetApp H700s
 
NetApp H300e
 
NetApp H500e
 
NetApp H700e
 
NetApp H410s
 
NetApp H410c
 

Exploit Probability

EPSS
5.53%
Percentile
91.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.