Home / Vulnerabilities / CVE-2022-0492
HIGH SEVERITY
CVE-2022-0492Linux · Kernel

Linux Kernel Improper Authentication Vulnerability

Technical Severity

CVSS v3.1 Metrics

HIGH
7.8 / 10
Minimal Risk Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation Likelihood

EPSS Prediction

28.97 %
Predictive Probability
Percentile Rank
96.7 th

Documented as more likely to be exploited than 96.7% of known CVEs.

Detection Date

Jun 02, 2026

Remediation Due

Jun 05, 2026

CISA Catalog Active

Threat Analysis

Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.

Remediation Directive

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

External Intelligence

This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af

https://www.kernel.org/

https://www.kernel.org/

NVD

National Vulnerability Database

https://nvd.nist.gov/vuln/detail/CVE-2022-0492