CISA has added CVE-2022-0492, a Linux kernel privilege escalation flaw, to its Known Exploited Vulnerabilities catalog after confirming active exploitation in the wild. The vulnerability targets the cgroups v1 release_agent feature, allowing attackers to execute arbitrary commands with root-level access — and potentially break out of containerized environments entirely.
It's especially dangerous in cloud-native setups where containers rely on cgroups for resource isolation. Federal agencies must patch by June 5, 2026. Other organizations should move fast too — fixes include updating the kernel, disabling unprivileged user namespaces, and auditing container configurations for suspicious cgroup activity.
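The configuration audit mentioned above can begin with a read-only check of the user-namespace sysctls and the cgroup v1 `release_agent` files. This is an added example, not code from the source article or from CISA. The function names are hypothetical, `kernel.unprivileged_userns_clone` exists only on Debian/Ubuntu-patched kernels, and the default paths assume cgroup v1 hierarchies mounted under `/sys/fs/cgroup`.

```shell
#!/bin/sh
# Added example (not from the article): read-only exposure checks for CVE-2022-0492.
# Function names are hypothetical; roots are parameters so a test tree can be used.

# Prints "disabled" if either sysctl is 0, otherwise "enabled" (conservative default
# when neither file exists). user.max_user_namespaces is the upstream sysctl;
# kernel.unprivileged_userns_clone is present only on Debian/Ubuntu-patched kernels.
userns_state() {
    for f in "$1/sys/user/max_user_namespaces" \
             "$1/sys/kernel/unprivileged_userns_clone"; do
        if [ -r "$f" ] && [ "$(cat "$f")" = "0" ]; then
            echo disabled
            return 0
        fi
    done
    echo enabled
}

# Prints "<file>: <program>" for every cgroup v1 hierarchy whose release_agent
# is non-empty. cgroup v2 has no release_agent file, so a v2-only host prints nothing.
release_agents_set() {
    for f in "$1"/*/release_agent; do
        [ -r "$f" ] || continue
        agent=$(cat "$f")
        if [ -n "$agent" ]; then echo "$f: $agent"; fi
    done
    return 0
}

# Prints each cgroup directory with notify_on_release=1, the flag that makes
# the kernel invoke release_agent when that cgroup becomes empty.
notify_on_release_set() {
    find "$1" -name notify_on_release -type f 2>/dev/null |
    while read -r f; do
        if [ "$(cat "$f" 2>/dev/null)" = "1" ]; then dirname "$f"; fi
    done
    return 0
}

audit() {
    echo "unprivileged user namespaces: $(userns_state "$1")"
    echo "cgroup v1 release_agent set:"
    release_agents_set "$2"
    echo "cgroups with notify_on_release=1:"
    notify_on_release_set "$2"
}

# Defaults are the live system; pass alternate roots as $1 and $2.
audit "${1:-/proc}" "${2:-/sys/fs/cgroup}"
```

A non-empty `release_agent` or a cgroup with `notify_on_release=1` is not proof of compromise, but on a container host either one is worth tracing back to the process that set it.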
Source: Cybersecurity News