A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html | Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html | Third Party Advisory VDB Entry |
http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html | |
https://bugzilla.redhat.com/show_bug.cgi?id=2051505 | Issue Tracking Patch Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af | Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220419-0002/ | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5095 | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5096 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
07 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Nov 2023, 13:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:* |
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
First Time |
Netapp h500e
Netapp h410c Netapp h300e Netapp h500s Netapp h700s Netapp h410s Netapp h700e Netapp h300s |
21 Jul 2023, 17:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-862 |
19 Oct 2022, 17:33
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html - Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.8 |
CPE | cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:* |
03 Jun 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 May 2022, 16:28
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220419-0002/ - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:* |
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* |
First Time |
Fedoraproject
Netapp baseboard Management Controller H300s Fedoraproject fedora Netapp baseboard Management Controller H700s Netapp solidfire \& Hci Management Node Netapp baseboard Management Controller H410s Netapp baseboard Management Controller H700e Canonical ubuntu Linux Canonical Netapp solidfire\, Enterprise Sds \& Hci Storage Node Netapp Netapp baseboard Management Controller H500s Netapp baseboard Management Controller H500e Netapp hci Compute Node Netapp baseboard Management Controller H410c Netapp baseboard Management Controller H300e |
19 Apr 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Mar 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Mar 2022, 13:35
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat codeready Linux Builder
Redhat enterprise Linux For Power Little Endian Debian debian Linux Redhat enterprise Linux For Real Time Tus Redhat enterprise Linux Eus Redhat enterprise Linux Server Tus Redhat enterprise Linux Server Aus Redhat enterprise Linux For Power Little Endian Eus Redhat enterprise Linux For Ibm Z Systems Redhat codeready Linux Builder For Power Little Endian Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Redhat enterprise Linux Server Update Services For Sap Solutions Debian Linux linux Kernel Redhat enterprise Linux Linux Redhat enterprise Linux For Real Time For Nfv Tus Redhat enterprise Linux For Ibm Z Systems Eus Redhat virtualization Host Redhat |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5095 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html - Mailing List, Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2051505 - Issue Tracking, Patch, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html - Mailing List, Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af - Patch, Vendor Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5096 - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 4.4
v3 : 7.8 |
CWE | CWE-287 |
10 Mar 2022, 17:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Mar 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-03 19:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-0492
Mitre link : CVE-2022-0492
CVE.ORG link : CVE-2022-0492
JSON object : View
Products Affected
netapp
- h700e
- h700s
- solidfire_\&_hci_management_node
- h410c
- h500s
- solidfire\,_enterprise_sds_\&_hci_storage_node
- h300e
- hci_compute_node
- h410s
- h300s
- h500e
redhat
- enterprise_linux_server_aus
- enterprise_linux_for_ibm_z_systems_eus
- virtualization_host
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_tus
- enterprise_linux_server_update_services_for_sap_solutions
- codeready_linux_builder
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- enterprise_linux
- enterprise_linux_for_ibm_z_systems
- enterprise_linux_for_power_little_endian
- enterprise_linux_for_real_time_tus
- codeready_linux_builder_for_power_little_endian
- enterprise_linux_eus
- enterprise_linux_for_real_time_for_nfv_tus
linux
- linux_kernel
fedoraproject
- fedora
debian
- debian_linux
canonical
- ubuntu_linux