#linux

Linux Kernel cgroups v1 Container Escape CVE-2022-0492 Added to KEV

CISA added the Linux Kernel cgroups v1 container escape vulnerability (CVE-2022-0492) to KEV on 2026-06-02. The flaw allows unprivileged container processes with CAP_SYS_ADMIN or uid 0 to write to cgroups release_agent files and execute code on the host, escaping the container namespace. System operators should audit host kernels, verify container capabilities, and disable unprivileged user namespaces.

Linux Copy Fail CVE-2026-31431: KEV Privilege Escalation on Shared Build Hosts

CISA added Linux kernel CVE-2026-31431 to KEV on 2026-05-01. Theori's Copy Fail research ties the bug to AF_ALG AEAD in-place operation and shows why shared CI runners, Kubernetes nodes, and multi-tenant Linux hosts need kernel patch proof or AF_ALG mitigation.