CVE-2022-0492: Privilege escalation vulnerability causing container escape


output etc/passwd container scape

Linux maintainers disclosed a privilege escalation vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and Exposures ID of CVE-2022-0492 and is rated as a High (7.0) severity.

The flaw occurs in cgroups permitting an attacker to escape container environments, and elevate privileges.

The vulnerable code was found in the Linux Kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. A patch released fixes this issue in the version kernel 5.17 rc3.

Most container environments have already the security settings enabled by default to prevent container escape. In fact, containers running with SELinuxAppArmor, or Seccomp are protected. That being said, we all know containers run without following the security best practice aren’t unusual and it might expose your environment to serious risks.

In any case, we suggest all Linux users are advised to download and install the latest version of the Kernel.

Read more…