# What Does the Latest Linux Kernel Vulnerability Mean for Kubernetes Users and How Prisma Cloud Protects Against it?
By [Daniel Prizmant](https://www.paloaltonetworks.com/blog/author/daniel-prizmant/?ts=markdown "Posts by Daniel Prizmant") and [Ariel Zelivansky](https://www.paloaltonetworks.com/blog/author/ariel-zelivansky/?ts=markdown "Posts by Ariel Zelivansky")
Feb 01, 2022

### Executive Summary

On 01/18/2022, an [Integer Underflow](https://cwe.mitre.org/data/definitions/191.html) vulnerability was discovered in the Linux kernel. The vulnerability, assigned CVE-2022-0185, lies in the `legacy_parse_param` kernel function. Used correctly, it can be leveraged into an unbounded kernel heap overflow by bypassing one of the checks the kernel implements. The vulnerability can be triggered by any user with the CAP_SYS_ADMIN capability. However, the capability only needs to be held in the current namespace, so most unprivileged users could obtain it by creating a new namespace with the capability granted, making exploitation possible with low privileges.
Prisma Cloud can [alert on the use of privileged containers](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-policy-reference/configuration-policies/configuration-policies-build-phase/kubernetes-configuration-policies/policy_e2a2f39e-1de6-4b14-802a-d6e6852490a6.html) in your environment. Most Docker instances are not affected by this exploit, as [Docker's seccomp profile](https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes) blocks [unshare](https://man7.org/linux/man-pages/man1/unshare.1.html), the command used to start a program in a new namespace, by default. Kubernetes clusters are likely affected by the vulnerability, as Kubernetes does not apply a seccomp filter by default. The simplest remedy is upgrading all clusters to a fixed Linux kernel; more advanced mitigations are described later in this article. Prisma Cloud can detect vulnerable instances and alert on the use of a vulnerable kernel.

In addition, another local privilege escalation vulnerability was discovered on 01/25 in the Linux polkit toolkit. The researchers named it PwnKit, and it was assigned [CVE-2021-4034](https://nvd.nist.gov/vuln/detail/CVE-2021-4034). polkit is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. The vulnerability tracks back to the initial commit of the pkexec command, over 12 years ago, so all versions of polkit are affected. It is easy to exploit, and several public exploits are already available. Prisma Cloud alerts on use of a vulnerable kernel.

### Background

We focus on CVE-2022-0185 in this article, as it has recently been a subject of concern in the cloud security community. CVE-2022-0185 was discovered by security researchers while fuzzing the Linux kernel.
Only later, after an exploit had already been developed, did the researchers decide to use this vulnerability to try to break out of [Google's Kubernetes CTF](https://google.github.io/kctf/) platform (also known as kCTF). This platform allows researchers to experiment with vulnerability exploitation for containers in general and Kubernetes in particular. This vulnerability, while as severe as any other local privilege escalation (LPE) vulnerability, is no more related to containers or Kubernetes than any other kernel vulnerability is.

### Technical Summary

The problem lies in the kernel function `legacy_parse_param`, which is used to add a new parameter to the legacy file system context structure. What exactly this function does, or how to get it executed, is outside the scope of this post. A full explanation of the exploitation chain can be found in the [original paper](https://www.willsroot.io/2022/01/cve-2022-0185.html#comment-form) by the researchers who discovered this vulnerability. Suffice to say that any unprivileged user with the CAP_SYS_ADMIN capability in their current namespace can exploit it.

### The Offending Line

The vulnerability is caused by a single insufficient [if condition](https://elixir.bootlin.com/linux/v5.14.21/source/fs/fs_context.c#L551):

```c
if (len > PAGE_SIZE - 2 - size)
	return invalf(fc, "VFS: Legacy: Cumulative options too large");
```

Starting from the left, `len` is the length of the value the user wants to add to the kernel structure, `PAGE_SIZE` is 4096, and `size` is the current size of the structure. The structure can hold up to PAGE_SIZE (4096) bytes of data, so the condition tries to make sure the added parameter won't overflow it. The problem lies in the way the comparison is made. For a large enough `size`, the right-hand side of the comparison underflows and produces a negative value, which means there *isn't* enough space in the kernel buffer for the new parameter.
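To make the underflow concrete, here is an added example (not code from this post or from the kernel source) that evaluates the original condition, and the upstream rewrite discussed in the next section, with the same unsigned types the kernel uses. The `struct legacy_ctx`, `append_option` and `simulate` helpers are a bookkeeping model constructed for this illustration; they track sizes only and write no memory.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Types mirror fs/fs_context.c: PAGE_SIZE is an unsigned long, data_size
 * an unsigned int, the option length a size_t. Every operand of the check
 * is unsigned, which is what makes the underflow possible. */
#undef PAGE_SIZE                /* in case a platform header defines it */
#define PAGE_SIZE (1UL << 12)   /* 4096 bytes */

struct legacy_ctx {             /* constructed stand-in for the kernel context */
    unsigned int data_size;     /* bytes already used in the one-page buffer */
};

/* Pre-fix condition (CVE-2022-0185); true means the option is rejected.
 * At data_size == PAGE_SIZE - 1, PAGE_SIZE - 2 - size wraps to ULONG_MAX,
 * and no len can compare greater than that. */
static bool reject_vulnerable(unsigned int size, size_t len)
{
    return len > PAGE_SIZE - 2 - size;
}

/* Post-fix condition from the upstream commit: the same bound, with no
 * subtraction left to wrap. */
static bool reject_fixed(unsigned int size, size_t len)
{
    return size + len + 2 > PAGE_SIZE;
}

/* Smallest data_size at which the check lets through an option as long as
 * the whole page, i.e. where the bound is lost. Returns -1 for "never". */
static long first_unbounded_size(bool (*reject)(unsigned int, size_t))
{
    for (unsigned int size = 0; size < PAGE_SIZE; size++)
        if (!reject(size, PAGE_SIZE))
            return (long)size;
    return -1;
}

/* Bookkeeping-only model of appending one option: the kernel writes ',',
 * then len bytes, then a NUL (the NUL is why the bound carries "+ 2").
 * Returns the new data_size, or 0 if the option was rejected. */
static unsigned int append_option(struct legacy_ctx *ctx, size_t len,
                                  bool (*reject)(unsigned int, size_t))
{
    if (reject(ctx->data_size, len))
        return 0;
    ctx->data_size += (unsigned int)(1 + len);  /* ','+option; NUL at data_size */
    return ctx->data_size;
}

/* Fill the page to its legal maximum (data_size == 4095, accepted by both
 * checks), then offer one more option of extra_len bytes. Returns the final
 * data_size: anything above 4095 would already have written past the page. */
static unsigned int simulate(bool (*reject)(unsigned int, size_t),
                             size_t extra_len)
{
    struct legacy_ctx ctx = { 0 };
    append_option(&ctx, PAGE_SIZE - 2, reject);
    append_option(&ctx, extra_len, reject);
    return ctx.data_size;
}

int main(void)
{
    printf("bound lost at data_size: vulnerable=%ld, fixed=%ld\n",
           first_unbounded_size(reject_vulnerable),
           first_unbounded_size(reject_fixed));
    printf("data_size after one extra 64-byte option: vulnerable=%u, fixed=%u\n",
           simulate(reject_vulnerable, 64), simulate(reject_fixed, 64));
    return 0;
}
```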
However, because both `len` and `size` are unsigned integers, a negative value is actually a very large positive value. This means that if `PAGE_SIZE - 2 - size` would be negative, the condition is not met and the function continues, regardless of the value of `len`. Later in the function, the user-provided input is [copied to the kernel structure](https://elixir.bootlin.com/linux/v5.14.21/source/fs/fs_context.c#L570), which completes the heap overflow.

### The Fix

The vulnerability fix is [the following](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de29310e8aa03fcbdb41fc92c521756):

```diff
- if (len > PAGE_SIZE - 2 - size)
+ if (size + len + 2 > PAGE_SIZE)
```

By simply removing the subtraction, the condition can no longer be passed as before, and because `len` is unsigned, it can't be negative either.

### Who's Affected

This bug affects all kernel versions since 5.1 on systems where an unprivileged user can create new namespaces (the default behavior); this includes most recent Kubernetes versions.

### Mitigations

#### Host

The easiest way to fix the problem is to update your distribution. For example, Ubuntu fixed the issue in versions 5.13.0-27.29 and 5.11.0-49.55. Other distributions might have different versions.

Another possibility is to remove the ability of unprivileged users to create namespaces. These commands may affect the host's ability to run containers, depending on the configuration.

On Ubuntu and most other distributions:

```sh
sysctl -w kernel.unprivileged_userns_clone=0
```

On Red Hat:

```sh
echo "user.max_user_namespaces = 0" >> /etc/sysctl.d/userns.conf
sysctl -p /etc/sysctl.d/userns.conf
```

#### Kubernetes

A possible mitigation for Kubernetes is to set a seccomp profile through the [securityContext](https://kubernetes.io/docs/tutorials/security/seccomp/#create-pod-that-uses-the-container-runtime-default-seccomp-profile) field of the workload definition.
Moreover, there is a [new feature](https://kubernetes.io/docs/tutorials/security/seccomp/#enable-the-use-of-runtimedefault-as-the-default-seccomp-profile-for-all-workloads), currently in alpha, that allows the CRI's default profile (RuntimeDefault) to be used as the default seccomp profile for all workloads. To use it, one needs to opt in to its feature flag. More information can be found in the link above.

### How Does Prisma Cloud Protect Against This Issue?

Prisma Cloud Compute alerts on, or completely blocks, running privileged containers, which in most cloud environments is required for an attacker to take advantage of this vulnerability.

![Figure 1. Prisma Cloud Compute blocking an attempt to run a privileged container](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/02/graphical-user-interface-application-description-2.png)

Figure 1. Prisma Cloud Compute blocking an attempt to run a privileged container

Moreover, Prisma Cloud Compute alerts users running vulnerable applications or kernel versions.

![Figure 2. Prisma Cloud Compute listing this vulnerability for different distributions](https://www.paloaltonetworks.com/blog/wp-content/uploads/2023/02/graphical-user-interface-application-teams-desc.png)

Figure 2. Prisma Cloud Compute listing this vulnerability for different distributions

### Get Started with Prisma Cloud

Existing customers can protect against privileged containers with a few clicks in their environment with Prisma Cloud Compute. New customers can see Prisma Cloud Compute's capabilities in action by requesting a [free trial here](https://www.paloaltonetworks.com/prisma/request-a-prisma-cloud-trial?ts=markdown).