{"vulnerability": "CVE-2022-0492", "sightings": [{"uuid": "1a3844ad-f266-45c3-9c1c-ad7e8a81a895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "31d49339-55b2-4348-93ab-7d84b2d8137d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:41.000000Z"}, {"uuid": "5afb52b3-bd2d-4e39-befe-130054f1cc2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "9df47f85-dac0-4028-8eb5-b569c3b11c59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://gist.github.com/AyushyaChitransh/3b69f94e19b188ba41ee0c49a282e64c", "content": "", "creation_timestamp": "2025-03-13T20:14:03.000000Z"}, {"uuid": "7e1a3be4-e7e7-4c8c-8f48-f7ad48803239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://gist.github.com/jaysonzhao/009a256e76a27584443ee2fe4ab82e66", "content": "", "creation_timestamp": "2025-12-10T04:28:22.000000Z"}, {"uuid": "66258174-ffff-46a9-8b02-4d9586b1c8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/docker_cgroup_escape.rb", "content": "", "creation_timestamp": "2023-12-06T16:32:41.000000Z"}, {"uuid": "aee8e492-15e3-40f7-bc6b-60438cdc5b9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "8831272c-c196-4aac-90e9-458cf0bd5796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "Telegram/pGBSz86okgshWlq1qb7UejnRgKlk7reC0fUjwlHdKavwlxg", "content": "", "creation_timestamp": "2025-12-17T03:00:07.000000Z"}, {"uuid": "a6f83cfc-4ae6-4787-a052-0b0f49c4bb46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/290", "content": "1. https://github.com/Sachinart/CVE-2025-32432\nCheck for CVE-2025-32432 vulnerability\n#github #exploit\n\n\n2. https://github.com/helidem/CVE-2025-24054-PoC\nProof of Concept for NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n3. https://github.com/ajdumanhug/CVE-2023-46818\nCVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 PHP Code Injection\n#github #exploit\n\n\n4. https://github.com/0x6rss/CVE-2025-24071_PoC\nNTLM hash leak via .library-ms inside ZIP/RAR (CVE-2025-24071)\n#github #poc\n\n\n5. https://github.com/trickest/cve/blob/main/2022/CVE-2022-42092.md\nCVE-2022-42092 \u2013 Backdrop CMS RCE PoC\n#github #exploit\n\n\n6. https://github.com/nomi-sec/PoC-in-GitHub\nAggregated CVE Exploits and PoCs from GitHub\n#github #tool\n\n\n7. https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker\nLinux Container Escape CVE-2022-0492 vulnerability checker\n#github #exploit\n\n\n8. https://github.com/xigney/CVE-2025-24054_PoC\nAlternate NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n9. https://github.com/bipbopbup/CVE-2023-46818-python-exploit\nPython PoC for CVE-2023-46818 in ISPConfig\n#github #exploit\n\n\n10. https://github.com/Marcejr117/CVE-2025-24071_PoC\nNTLM Hash Leak using .library-ms via ZIP trick (CVE-2025-24071)\n#github #poc\n\n\n11. https://github.com/Ostorlab/KEV\nKnown Exploited Vulnerabilities Detector\n#github #scanner\n\n\n12. https://github.com/edoardottt/missing-cve-nuclei-templates\nMissing CVE Detection via Nuclei Templates\n#github #scanner\n\n\n13. https://github.com/hyp3rlinx/Advisories\nZero-Day Security Advisories and Exploits by Hyp3rlinx\n#github #exploit\n\n\n14. https://github.com/Kubashok/apple-cve-repos\nApple CVE Database Links Repository\n#github #cve\n\n\n15. https://github.com/esnet/Seccubus_v2\nSeccubus Test Data for Vulnerability Scanners\n#github #tool\n\n\n16. https://github.com/skordemir/Xml2Ontology\nNessus XML Vulnerability Report Samples\n#github #data\n\n\n17. https://github.com/madirish/hector\nHector: Vulnerability Management Tool with Sample Nessus Reports\n#github #tool\n\n\n18. https://github.com/projectdiscovery/nuclei-templates/issues/8804\nNuclei Template request for ISPConfig CVE-2023-46818\n#github #scanner\n\n\n19. https://github.com/projectdiscovery/nuclei-templates/issues/12020\nNuclei Template PoC Request for CraftCMS CVE-2025-32432\n#github #scanner\n\n\n20. https://github.com/tanjiti/sec_profile\nSecurity Profile Aggregator \u2013 CVE, CISA, NVD, etc.\n#github #intel\n\n\n21. https://github.com/cube0x0/CVE-2021-1675\nPrintNightmare Exploit PoC (CVE-2021-1675 / CVE-2021-34527)\n#github #exploit\n\n22. https://github.com/Maldev-Academy/LsassHijackingViaReg\n\nInjecting DLL into LSASS at boot\n#github #tools\n\n\nOpen-source tools and proof-of-concept (PoC) repositories related to recent CVEs, exploits, and security research. These resources are valuable for educational purposes and can aid students in understanding real-world vulnerabilities and exploitation techniques.", "creation_timestamp": "2025-05-05T10:30:13.000000Z"}, {"uuid": "0ea7687c-1232-4af8-9e57-1e8c94cff9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1630", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTest whether a container environment is vulnerable to container escapes via CVE-2022-0492\nURL\uff1ahttps://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit", "creation_timestamp": "2022-03-09T01:59:27.000000Z"}, {"uuid": "0f615193-d37a-4684-8610-d1943a815078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1595", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA script to check if a container environment is vulnerable to container escapes via CVE-2022-0492\nURL\uff1ahttps://github.com/SofianeHamlaoui/CVE-2022-0492-Checker", "creation_timestamp": "2022-03-06T11:02:27.000000Z"}, {"uuid": "74155edb-de77-47ac-901f-0772530551d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1611", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTest whether a container environment is vulnerable to container escapes via CVE-2022-0492\nURL\uff1ahttps://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492", "creation_timestamp": "2022-03-07T21:11:00.000000Z"}, {"uuid": "db4caf95-4bed-4bf7-a704-a0d9cefbd44d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1647", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0492 EXP and Analysis write up\nURL\uff1ahttps://github.com/chenaotian/CVE-2022-0492", "creation_timestamp": "2022-03-11T08:07:14.000000Z"}, {"uuid": "c4f5d3e6-615a-47f3-bac3-26f4ead248b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3446", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aEscaping a Docker Container by using CVE-2016-3714 and CVE-2022-0492.\nURL\uff1ahttps://github.com/SgtMate/container_escape_showcase\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-17T17:31:01.000000Z"}, {"uuid": "6a1b2935-e386-4edc-8c0f-bf204c56269f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3050", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-0492-Container-Escape\nURL\uff1ahttps://github.com/yoeelingBin/CVE-2022-0492-Container-Escape\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-27T04:30:59.000000Z"}, {"uuid": "a506020d-9358-4f7e-b69a-0b00122e762d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "Telegram/V7wzcX4F-MozNLAT7FWP3rKubob7JBXGvac2G5pFurlt0fY", "content": "", "creation_timestamp": "2025-07-20T15:00:06.000000Z"}, {"uuid": "21f793d4-7788-44ad-afef-ee9f8fcc8247", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1581", "content": "CVE-2022-0492\n\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2022-0492\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430: \u044f\u0434\u0440\u043e linux - cgroup\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f: ~linux kernel 5.17-rc3\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438: \u0435\u0441\u043b\u0438 \u0432 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0435 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043e\u043d \u043c\u043e\u0436\u0435\u0442 \u0441\u0431\u0435\u0436\u0430\u0442\u044c \u043d\u0430 \u0445\u043e\u0441\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 root \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430.\nhttps://github.com/chenaotian/CVE-2022-0492\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-05-19T13:01:14.000000Z"}, {"uuid": "82148178-9c87-4e7f-84a8-9a26b6d1315a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/arpsyndicate/1536", "content": "#ExploitObserverAlert\n\nCVE-2022-0492\n\nDESCRIPTION: Exploit Observer has 56 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel\u2019s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-07T12:19:34.000000Z"}, {"uuid": "61857547-ad2b-4e96-bae7-a1eb513d1779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/ctinow/48039", "content": "CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape\n\nhttps://ift.tt/NHn4m02", "creation_timestamp": "2022-03-06T19:51:35.000000Z"}, {"uuid": "942fe6e1-8859-420a-af35-203a98064837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/cibsecurity/38378", "content": "\u203c CVE-2022-0492 \u203c\n\nA vulnerability was found in the Linux kernel\u00e2\u20ac\u2122s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T22:26:18.000000Z"}, {"uuid": "e9dcfd41-f037-40f3-9492-7d26b0b8abc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/arpsyndicate/30", "content": "#ExploitObserverAlert\n\nCVE-2022-0492\n\nDESCRIPTION: Exploit Observer has 53 entries related to CVE-2022-0492. A vulnerability was found in the Linux kernel\u2019s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-09T12:49:19.000000Z"}, {"uuid": "fe89f2c2-92d5-44ba-a537-e4149afe23ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/thehackernews/1951", "content": "Researchers warn of a new high-risk vulnerability (CVE-2022-0492) affecting the Linux kernel's cgroups feature that could potentially be abused to escape a container to execute arbitrary commands on the host.\n\nRead details: https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html", "creation_timestamp": "2022-03-05T09:45:44.000000Z"}, {"uuid": "1d1ba404-094f-4894-83f7-de3e7b5589c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/DerechodelaRed/3976", "content": "\ud83d\udea8\u25b6\ufe0f CISA advierte sobre Dirty Pipe\n\nLa Agencia de Seguridad de Infraestructura y Ciberseguridad avisa de una vulerabilidad que permite la escalada de privilegios en el kernel de Linux en las versiones 5.8 y posteriores, en la misma semana que se anunciaban otras vulnerabilidades que permiten escalada de privilegios en sistemas Linux como el CVE-2022-0492.\n\nhttps://unaaldia.hispasec.com/2022/03/cisa-advierte-sobre-dirty-pipe.html\n\n\ud83d\udd0a t.me/derechodelared", "creation_timestamp": "2022-03-16T20:39:46.000000Z"}, {"uuid": "434f2dfc-9801-45fc-9f0d-821f5f0c1831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"}, {"uuid": "1b65d052-4c8f-4ddb-a54a-31cf7eef801c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2477", "content": "#CVE-2022\nEscaping a Docker Container by using CVE-2016-3714 and CVE-2022-0492.\n\nhttps://github.com/SgtMate/container_escape_showcase\n\n@BlueRedTeam", "creation_timestamp": "2022-11-21T07:35:12.000000Z"}, {"uuid": "ba9d9394-e60b-4467-9056-f2897f39dca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/conservativejblQck1776/70982", "content": "New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container\n\nDetails have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host.\n\nThe shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical groups, thereby making it possible to limit and monitor the usage of resources such as CPU, memory, disk I/O, and network.\n\nTracked as CVE-2022-0492 (CVSS score: 7.0), the issue concerns a case of privilege escalation in the cgroups v1 release_agent functionality, a script that's executed following the termination of any process in the cgroup. (continued at the link below)\n\nhttps://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html", "creation_timestamp": "2022-03-05T22:52:04.000000Z"}, {"uuid": "afef8cfd-8ebc-42bd-afe4-784571036af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-0492", "type": "seen", "source": "https://t.me/sysodmins/14241", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Linux, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-0492, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0439\u0442\u0438 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Linux \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-0492 (CVSS score: 7.0), \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u044f\u0434\u0440\u0430 Linux \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c control groups (\u0433\u0440\u0443\u043f\u043f\u044b), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442 \u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u0443\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (CPU, \u043f\u0430\u043c\u044f\u0442\u044c, \u0434\u0438\u0441\u043a\u043e\u0432\u044b\u0439 \u0432\u0432\u043e\u0434/\u0432\u044b\u0432\u043e\u0434, \u0441\u0435\u0442\u044c \u0438 \u0442.\u0434.) \u043d\u0430\u0431\u043e\u0440\u0430 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432.\n\n\"\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 cgroup_release_agent_write \u044f\u0434\u0440\u0430 Linux \u0432 \u0444\u0430\u0439\u043b\u0435 kernel/cgroup/cgroup-v1.c. \u042d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u044e cgroups v1 release_agent \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d.\" - \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f \u0432 \u043a\u043e\u043d\u0441\u0443\u043b\u044c\u0442\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u043f\u0438\u0441\u044c\u043c\u0435, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430", "creation_timestamp": "2022-03-09T01:34:55.000000Z"}]}