You can now find Cyber Kendra on Google News | Telegram

Linux Kernel cgroups Vulnerability Lets to escalate privileges

Linux cgroups Vulnerability is simplest Linux privilege escalations bug discovered in recent times.

Details of a serious vulnerability in the Linux kernel have surfaced which has already been patched and could potentially be used to exit a container in order to execute arbitrary commands on the container host.

Vulnerability CVE-2022-0492 was found in the cgroups Linux kernel function, which allows organizing and forming hierarchical groups of processes with specified resource properties and provides programmatic control over them.

The vulnerability was discovered in cgroup_release_agent_write of the Linux kernel in the kernel/cgroup/cgroup-v1.c function. Under certain circumstances, an attacker can use the cgroups v1 release_agent function to escalate privileges and bypass namespace isolation.

“This is one of the simplest Linux privilege escalations discovered in recent times: the Linux kernel mistakenly granted a privileged operation to unprivileged users,” Unit 42 researcher Yuval Avraami said in a report published this week.

However, it is worth noting that only processes with "root" privileges can write to the file, which means that the vulnerability allows only root processes to elevate privileges.

“At first glance, a privilege escalation vulnerability that can only be exploited by the root user may seem strange,” Avraami explained. “Running as root does not necessarily mean full control of the machine: there is a gray area between root and full privileges, including capabilities, namespaces, and containers. In these scenarios, when the root process does not have full control over the machine, CVE-2022-0492 becomes a serious vulnerability."

Although containers running with AppArmor or SELinux are not vulnerable to the flaw, users are recommended to apply the patches because they could be abused by other malicious host processes to elevate privileges.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.