Threat Advisories:
CVE-2025-7775: Actively Exploited Critical Flaw in Citrix NetScaler ZipLine Campaign Spins Web Around U.S. Supply Chain Manufacturers with MixShell August 2025 Linux Patch Roundup New SHAMOS Stealer Exploits One-Line Commands on macOS QuirkyLoader: A Silent Enabler of Modern Malware Families CVE-2025-43300: Zero-Day in Apple Image I/O Exploited in Targeted Attacks Static Tundra Fuels Espionage Campaigns Through an Old Cisco Bug Crypto24 Ransomware Disrupts Businesses Using Custom EDR Bypass GodRAT Reloaded: Legacy Code, Modern Tactics Noodlophile Stealer Advances with Obfuscation, Social Media Deception PS1Bot: The Modular Malware Lurking Behind Malvertising Microsoft’s August 2025 Patch Tuesday Roundup Charon Ransomware Encrypts Files Belonging to Middle East Industries CVE-2025-25256: Fortinet Rushes to Patch High-Risk FortiSIEM Vulnerability Efimer Trojan: From Fake Lawsuits to Crypto Heists Zero-Day in WinRAR Actively Weaponized by Multiple Threat Groups DarkCloud Uses Fileless Techniques Turning into a Nightmare for Windows CastleBot Rising: The Evolving Malware-as-a-Service Threat MedusaLocker Uses ThrottleStop.sys Flaw to Kill AV on Windows Malicious npm Packages Target WhatsApp Developers with Kill Switch
🎧 Podcast: This Month's Threats in 10 Min! Emerging Threat Intel Audio Briefing - Listen & Defend Now →
👥 Play Count: Loading...
Partner Program
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Case Studies
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Case Studies
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe

Linux Distributions affected by a privilege escalation vulnerability

Threat Level – Amber | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here

A new privilege escalation vulnerability has been reported that affects all the major releases of the Linux kernel and being tracked as CVE-2022-0492. The issue primarily affects the Linux kernel feature known as control groups (groups), which controls, accounts for, and isolates a collection of processes’ resource utilization (CPU, memory, disk I/O, network, etc). A local attacker can exploit this issue to escape a container to execute arbitrary commands and gain admin privileges of the container host.

The flaw exists in the Linux kernel because it fails to properly restrict access to the cgroups ‘release_ agent’ feature that under certain circumstances allows it to escalate privileges and bypass the namespace isolation. Specifically, the vulnerability occurs due to an implementation error in the ‘cgroup_release_agent_write()’ function of the ‘kernel/cgroup/cgroup-v1.c’ file.

This vulnerability affects all major Linux distributions, and organizations make use of the script to detect whether they are impacted. Organizations can also make use of the mitigations provided by the researchers to mitigate the risk. However, this issue has been fixed in all the latest versions of Linux.

Potential MITRE ATT&CK TTPs are:

TA0004: Privilege Escalation

T1611: Escape to Host

T1068: Exploitation for Privilege Escalation

TA0003: Persistence

T1098: Account Manipulation

Vulnerability Detail

Patch Link

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox