Organizations Warned of Exploited Linux Kernel Vulnerability

Additionally, the bug allowed attackers to create a new user namespace with admin privileges and then create a cgroup with a malicious release_agent file, triggering the exploit.Technical details on CVE-2022-0492 were published roughly three years ago, but its in-the-wild exploitation wasreportedonly this week, one day before CISA’s alert.Kaspersky mentioned the exploitation of CVE-2022-0492 in a blog post describing attacks on container environments, but has not specified who is behind the attacks, nor who the victims are.On Tuesday, the cybersecurity agencyaddedthe CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it by June 5.CISA also urged the immediate patching of CVE-2025-48595, a high-severity flaw in Android’s Framework component. Google patched the issue this week, warning that it has beenexploited as a zero-day.Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Technical details on CVE-2022-0492 were published roughly three years ago, but its in-the-wild exploitation wasreportedonly this week, one day before CISA’s alert.Kaspersky mentioned the exploitation of CVE-2022-0492 in a blog post describing attacks on container environments, but has not specified who is behind the attacks, nor who the victims are.On Tuesday, the cybersecurity agencyaddedthe CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it by June 5.CISA also urged the immediate patching of CVE-2025-48595, a high-severity flaw in Android’s Framework component. Google patched the issue this week, warning that it has beenexploited as a zero-day.Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Kaspersky mentioned the exploitation of CVE-2022-0492 in a blog post describing attacks on container environments, but has not specified who is behind the attacks, nor who the victims are.On Tuesday, the cybersecurity agencyaddedthe CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it by June 5.CISA also urged the immediate patching of CVE-2025-48595, a high-severity flaw in Android’s Framework component. Google patched the issue this week, warning that it has beenexploited as a zero-day.Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

On Tuesday, the cybersecurity agencyaddedthe CVE to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch it by June 5.CISA also urged the immediate patching of CVE-2025-48595, a high-severity flaw in Android’s Framework component. Google patched the issue this week, warning that it has beenexploited as a zero-day.Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

CISA also urged the immediate patching of CVE-2025-48595, a high-severity flaw in Android’s Framework component. Google patched the issue this week, warning that it has beenexploited as a zero-day.Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Related:‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in SecondsRelated:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Related:Oracle WebLogic Vulnerability Exploited in the WildRelated:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Related:WP Maps Pro Vulnerability Exploited to Take Over WordPress SitesRelated:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Related:Recent Palo Alto Networks Vulnerability Exploited for Weeks

Ionut Arghire is an international correspondent for SecurityWeek.

Source: SecurityWeek