CVE-2022-0155

CVE-2022-0155 is a vulnerability that affects the Linux kernel versions 4.18 and higher, as well as some Android devices. The flaw allows an attacker to escalate their privileges on a system by exploiting a race condition in the futex subsystem. By exploiting this vulnerability, the attacker can gain root privileges and take full control of the affected system. The vulnerability was discovered in January 2022 by security researchers from Qualys, who promptly reported it to the Linux kernel maintainers. A patch was developed and released in February, but it wasn't until March that the vulnerability was made public. The delay in public disclosure was to give users time to update their systems before attackers could exploit the vulnerability. Since the vulnerability became public, there have been no known instances of it being actively exploited in the wild. However, experts warn that it's only a matter of time before attackers start using it to launch attacks. Therefore, it's important for organizations and individuals to ensure that their systems are updated with the latest security patches to prevent potential attacks.