CVE-2022-0492
high
KEV
EU-EXPLOITED
CVSS v3
7.8
CVSS v4
-
VIR risk
10.0
Description
Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.
CISA KEV
- Vendor: Linux
- Product: Kernel
- Due date: 2026-06-05
Predictions
Exploit likelihood
99%
Patch ETA
-
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Metasploit modules
OS impact
Fedora Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| 35 | Affected | - |
Linux kernel Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 5.17 | Affected | - |
| - | Affected | 4.9.301 |
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| - | Affected | - |
Ubuntu Affected 5 releases
| Version | Status | Fixed in |
|---|---|---|
| 22.04 | Affected | - |
| 20.04 | Affected | - |
| 18.04 | Affected | - |
| 16.04 | Affected | - |
| 14.04 | Affected | - |
Debian Mixed 8 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 5.16.7-1 |
| sid | Fixed | 5.16.7-1 |
| forky | Fixed | 5.16.7-1 |
| bullseye | Fixed | 5.10.103-1 |
| bookworm | Fixed | 5.16.7-1 |
| 11.0 | Affected | - |
| 10.0 | Affected | - |
| 9.0 | Affected | - |
Red Hat Mixed 3 releases
| Version | Status | Fixed in |
|---|---|---|
| 8.2 | Affected | - |
| 8.0 | Affected | - |
| 8 | Fixed | - |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | - |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| redhat | codeready_linux_builder | 8.0 | |
| redhat | codeready_linux_builder | 8.2 | |
| redhat | codeready_linux_builder_for_power_little_endian | 8.0 | |
| redhat | codeready_linux_builder_for_power_little_endian | 8.2 | |
| redhat | virtualization_host | 4.0 | |
| netapp | solidfire\,_enterprise_sds_\&_hci_storage_node | - | |
| netapp | solidfire_\&_hci_management_node | - | |
| netapp | h300e | - | |
| netapp | h300s | - | |
| netapp | h410c | - | |
| netapp | h410s | - | |
| netapp | h500e | - | |
| netapp | h500s | - | |
| netapp | h700e | - | |
| netapp | h700s | - | |
| netapp | hci_compute_node | - | |
References
- https://www.suse.com/security/cve/CVE-2022-0492.html
- https://errata.rockylinux.org/RLSA-2022:0825
- https://errata.rockylinux.org/RLSA-2022:0819
- https://security-tracker.debian.org/tracker/CVE-2022-0492
- https://errata.almalinux.org/8/ALSA-2022-0825.html
- https://access.redhat.com/errata/RHSA-2022:0819
- https://access.redhat.com/errata/RHSA-2022:0825
- https://access.redhat.com/errata/RHSA-2022:0849
- http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html
- http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html
- http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2051505
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af
- https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://security.netapp.com/advisory/ntap-20220419-0002/
- https://www.debian.org/security/2022/dsa-5095
- https://www.debian.org/security/2022/dsa-5096
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-0492
- This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af ; https://www.kernel.org/ ; https://nvd.nist.gov/vuln/detail/CVE-2022-0492
CWEs
CWE-287 CWE-862