Vulnerabilities in the Linux Kernel Allows Privilege Escalation

45
Vulnerabilities in the Linux Kernel Allows Privilege Escalation-01

Researchers have found a vulnerability in the “control groups” feature of the Linux kernel that allows attackers to escape the containers, escalate privileges and execute arbitrary commands to the host.

The bug (CVE-2022-0492) exists in the Linux kernel feature “cgroup_release_agent_write”, which is found in the “kernel / cgroup / cgroup-v1.c” function.

The use of the cgroups v1 release_agent feature allows for container escape in the Kubernetes, that is, the ability to access other users’ containers in public cloud sites.

Read More: https://threatpost.com/bug-linux-kernel-privilege-escalation-container-escape/178808/