Date: Fri, 4 Feb 2022 10:56:19 -0600
From: Tabitha Sable <tabitha.c.sable@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2022-0492: Linux kernel cgroups v1 missing capabilities check when setting release_agent

Hello all,

It has been discovered that under certain circumstances, the Linux kernel’s cgroups v1 release_agent feature can be used to escalate privilege and bypass namespace isolation unexpectedly.

CVE-2022-0492 has been assigned to this issue, which is corrected by requiring CAP_SYS_ADMIN in the initial user namespace when setting release_agent. This has been included upstream in commit 24f6008564183aa120d07c03d9289519c2fe02af.
( https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af )

Thank you to Yiqi Sun and Kevin Wang of Huawei Security Team for disclosing their work that led to this fix.

Cheers,
Tabitha Sable
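
The requirement named in the message above (CAP_SYS_ADMIN, held in the initial user namespace), modelled as a userspace audit helper. This is an added example, not code from the post or from the kernel; the function names, the sample data and the uid_map heuristic for recognising the initial user namespace are assumptions.

```python
# Added illustration, not kernel code: models the post-fix requirement in userspace.
import sys

CAP_SYS_ADMIN = 21  # bit index, from include/uapi/linux/capability.h

# Constructed samples (status excerpt, uid_map), not captured from a real system.
SAMPLES = {
    "host root": ("CapEff:\t000001ffffffffff\n", "0 0 4294967295\n"),
    "userns root": ("CapEff:\t000001ffffffffff\n", "0 100000 65536\n"),
}

def cgroup_v1_mounts(mounts_text):
    """Mount points of cgroup v1 hierarchies in /proc/mounts-style text."""
    points = []
    for line in mounts_text.splitlines():
        fields = line.split()  # device, mount point, fstype, options, ...
        if len(fields) >= 3 and fields[2] == "cgroup":  # v2 reports "cgroup2"
            points.append(fields[1])
    return points

def has_cap_sys_admin(status_text):
    """True if CapEff in /proc/<pid>/status-style text has CAP_SYS_ADMIN set."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return bool((int(line.split()[1], 16) >> CAP_SYS_ADMIN) & 1)
    return False

def in_initial_userns(uid_map_text):
    """Assumption: one identity map over the full 32-bit range means the
    initial user namespace. A nested namespace can be given the same map,
    so True is an upper bound, not proof."""
    rows = [l.split() for l in uid_map_text.splitlines() if l.strip()]
    return rows == [["0", "0", "4294967295"]]

def meets_fixed_requirement(status_text, uid_map_text):
    """Both conditions the advisory names for setting release_agent."""
    return has_cap_sys_admin(status_text) and in_initial_userns(uid_map_text)

if __name__ == "__main__":
    if len(sys.argv) > 1:  # audit a live process: pass a PID or "self"
        read = lambda name: open(f"/proc/{sys.argv[1]}/{name}").read()
        print("cgroup v1 mounts:", cgroup_v1_mounts(read("mounts")))
        print("meets fixed requirement:",
              meets_fixed_requirement(read("status"), read("uid_map")))
    else:
        for name, (status, uid_map) in SAMPLES.items():
            print(name, "->", meets_fixed_requirement(status, uid_map))
```

On a patched kernel, only processes for which both conditions hold should be able to set release_agent, so workloads that report cgroup v1 mounts are the ones worth checking against this requirement.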