silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,159
Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host.
The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical groups, thereby making it possible to limit and monitor the usage of resources such as CPU, memory, disk I/O, and network.
Tracked as CVE-2022-0492 (CVSS score: 7.0), the issue concerns a case of privilege escalation in the cgroups v1 release_agent functionality, a script that's executed following the termination of any process in the cgroup.
"The issue stands out as one of the simplest Linux privilege escalations discovered in recent times: The Linux kernel mistakenly exposed a privileged operation to unprivileged users," Unit 42 researcher Yuval Avrahami said in a report published this week.
New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container
A new vulnerability in the Linux kernel's control groups feature could let attackers to escape a container to execute arbitrary commands on the host.
thehackernews.com