CVE-2022-2585

Опубликовано: 08 янв. 2024

Источник: debian

EPSS Низкий

Описание

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	5.18.16-1		package
linux	not-affected		buster	package

https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u
https://www.openwall.com/lists/oss-security/2022/08/09/7

EPSS

Процентиль: 65%

0.00488

Низкий

CVE-2022-2585

CVSS3: 5.3

ubuntu

почти 2 года назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 7.8

redhat

больше 3 лет назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 5.3

nvd

почти 2 года назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 7.8

msrc

почти 2 года назад

It was discovered that when exec'ing from a non-leader thread armed POSIX CPU timers would be left on a list but freed leading to a use-after-free.

BDU:2022-05633

CVSS3: 7.8

fstec

больше 3 лет назад

Уязвимость компонента POSIX CPU ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 65%

0.00488

Низкий