Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-0492

EPSS 8.79% · P93
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-0492

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在授权问题漏洞,该漏洞源于软件对用权限限制存在问题。攻击者可利用该漏洞可以通过Cgroups Release Agent 绕过Linux内核的限制,以升级他的权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-kernel kernel 5.17 rc3 -

II. Public POCs for CVE-2022-0492

#POC DescriptionSource LinkShenlong Link
1Test whether a container environment is vulnerable to container escapes via CVE-2022-0492https://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492POC Details
2A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492https://github.com/SofianeHamlaoui/CVE-2022-0492-CheckerPOC Details
3Nonehttps://github.com/puckiestyle/CVE-2022-0492POC Details
4CVE-2022-0492 EXP and Analysis write uphttps://github.com/chenaotian/CVE-2022-0492POC Details
5Nonehttps://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492POC Details
6CVE-2022-0492-Container-Escapehttps://github.com/yoeelingBin/CVE-2022-0492-Container-EscapePOC Details
7Docker Breakout Checker and PoC via CAP_SYS_ADMIN and via user namespaces (CVE-2022-0492)https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoCPOC Details
8Nonehttps://github.com/bb33bb/CVE-2022-0492POC Details
9Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/%E4%BA%91%E5%AE%89%E5%85%A8%E6%BC%8F%E6%B4%9E/Linux%20%E5%86%85%E6%A0%B8%20cgroup%20v1%20%E9%80%BB%E8%BE%91%E9%94%99%E8%AF%AF%E5%AF%BC%E8%87%B4%E5%AE%B9%E5%99%A8%E9%80%83%E9%80%B8%20CVE-2022-0492.mdPOC Details
10PoC for CVE-2022-0492https://github.com/Perimora/cve_2022_0492POC Details
11CVE-2022-0492https://github.com/smallcat9612/CVE-2022-0492-Docker-Breakout-Checker-and-PoCPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-0492

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-03-03 · 37 CVEs total

CVE-2021-458196.4 MEDIUMWordline HIDCCEMonitorSVC 代码问题漏洞
CVE-2021-3609Linux kernel 竞争条件问题漏洞
CVE-2022-26127FRRouting FRR 缓冲区错误漏洞
CVE-2022-26128FRRouting FRR 缓冲区错误漏洞
CVE-2022-26129FRRouting FRR 缓冲区错误漏洞
CVE-2022-23898MingSoft Mcms SQL注入漏洞
CVE-2022-23899MingSoft Mcms SQL注入漏洞
CVE-2022-25125MingSoft Mcms SQL注入漏洞
CVE-2022-22700CyberArk Identity 安全特征问题漏洞
CVE-2021-3620Red Hat Ansible 安全漏洞
CVE-2022-25138Axelor Open Suite 跨站脚本漏洞
CVE-2021-3602Buildah 信息泄露漏洞
CVE-2021-3762Clair 路径遍历漏洞
CVE-2021-4002Linux kernel 安全漏洞
CVE-2022-23051PeTeReport 跨站脚本漏洞
CVE-2022-23052PeTeReport 跨站请求伪造漏洞
CVE-2022-25220PeTeReport 跨站脚本漏洞
CVE-2022-22943VMware Tools for Windows 代码问题漏洞
CVE-2021-3640Linux kernel 资源管理错误漏洞
CVE-2022-23849Devolutions Password Hub 授权问题漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: kernel
Same vendor: n/a
Same weakness: CWE-287

V. Comments for CVE-2022-0492

No comments yet

Leave a comment