VulnCheck KEV: CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

Docker cgroups Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker cgroups Container Escape', 'Description' = %q This exploit module takes advantage of a Docker image which has either the privileged flag, ...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

kernel: cgroups v1 release_agent feature may allow privilege escalation

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

USN-5377-1 linux-bluefield vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...

USN-5368-1 linux-azure-5.13, linux-oracle-5.13 vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 It was discovered that the network traffic contro...

USN-5362-1 linux-intel-5.13 vulnerabilities

Nick Gregory discovered that the Linux kernel incorrectly handled network offload functionality. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-25636 Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano Giuffrida...

LSN-0085-1: Kernel Live Patch Security Notice

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges.CVE-2022-0492 Nick Gregory discovered that the Linux kernel incorrectly...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-147_58_1 security and bug fix update

An update for kpatch-patch-4180-147581 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

RHEL 8 : kpatch-patch (RHSA-2022:0849)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0849 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-067-01)

The version of kernel-generic installed on the remote host is prior to 5.15.27 / 5.15.27smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-067-01 advisory. - A use-after-free vulnerability was found in rtsxusbmsdrvremove in drivers/memstick/host/rtsxusbms.c ...

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

USN-5302-1 linux-oem-5.14 vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.302.7.2.3 - cgroup-v1: Require capabilities to set releaseagent Eric W. Biederman Orabug: 33832574 CVE-2022-0492...

Important: kernel

Issue Overview: A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guests. A local user could use this flaw to starve the resources resulting in a denial of service...