The vulnerability resides in a Linux kernel feature called control groups. It allows processes to be organized into hierarchical groups, thereby making it possible to limit and monitor the usage of resources such as CPU, memory, disk I/O, and network. Palo Alto Networks researchers say the bug is a result of a missing verification to check whether the process setting the release_agent file had administrative privileges. The vulnerability is now being fixed, but only processes with “root” privileges can write to the file.”]
Source: https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html