Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2022-0492

Description

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

POC

Reference

- http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html

- http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html

- http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html

- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af

Github

- https://github.com/163justIneffable/stand_cyber_attacks

- https://github.com/ARPSyndicate/cvemon

- https://github.com/DogchampDiego/foran-attack

- https://github.com/HuzaifaPatel/houdini

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/JadenQ/Cloud-Computing-Security-ProjectPage

- https://github.com/LeoPer02/IDS-Dataset

- https://github.com/LouisLiuNova/container-escape-exploits

- https://github.com/Maissacrement/cyber_sec_master_spv

- https://github.com/Metarget/metarget

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492

- https://github.com/Perimora/cve_2022_0492

- https://github.com/SPuerBRead/shovel

- https://github.com/SYRTI/POC_to_review

- https://github.com/SgtMate/container_escape_showcase

- https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker

- https://github.com/T1erno/CVE-2022-0492-Docker-Breakout-Checker-and-PoC

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Trinadh465/device_renesas_kernel_AOSP10_r33_CVE-2022-0492

- https://github.com/WhooAmii/POC_to_review

- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground

- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground

- https://github.com/bashofmann/hacking-kubernetes

- https://github.com/bb33bb/CVE-2022-0492

- https://github.com/bigpick/cve-reading-list

- https://github.com/cdk-team/CDK

- https://github.com/chenaotian/CVE-2022-0492

- https://github.com/chrisregy23/Evaluating-Container-Security

- https://github.com/cloud-native-security-news/cloud-native-security-news

- https://github.com/h4ckm310n/Container-Vulnerability-Exploit

- https://github.com/hardenedvault/ved

- https://github.com/iridium-soda/container-escape-exploits

- https://github.com/josebeo2016/eBPF_Hotpatch

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kvesta/vesta

- https://github.com/libera-programming/bayaz

- https://github.com/manas3c/CVE-POC

- https://github.com/marksowell/my-stars

- https://github.com/marksowell/starred

- https://github.com/marksowell/stars

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/omkmorendha/LSM_Project

- https://github.com/paraddise/TagesConf-ContainerEscapes

- https://github.com/puckiestyle/CVE-2022-0492

- https://github.com/sam8k/Dynamic-and-Static-Analysis-of-SOUPs

- https://github.com/soosmile/POC

- https://github.com/ssst0n3/ssst0n3

- https://github.com/stcirclear/container_escape_detection

- https://github.com/teamssix/container-escape-check

- https://github.com/tmawalt12528a/eggshell1

- https://github.com/trhacknon/Pocingit

- https://github.com/ttauveron/cheatsheet

- https://github.com/tuxpeople/toolbox

- https://github.com/whoforget/CVE-POC

- https://github.com/yoeelingBin/CVE-2022-0492-Container-Escape

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve