CVE-2022-2585

Опубликовано: 08 янв. 2024

Источник: debian

EPSS Низкий

Описание

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

Пакет	Статус	Версия исправления	Релиз	Тип
linux	fixed	5.18.16-1		package
linux	not-affected		buster	package

https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u
https://www.openwall.com/lists/oss-security/2022/08/09/7

EPSS

Процентиль: 52%

0.00296

Низкий

CVE-2022-2585

CVSS3: 5.3

ubuntu

больше 1 года назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 7.8

redhat

почти 3 года назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 5.3

nvd

больше 1 года назад

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVE-2022-2585

CVSS3: 7.8

msrc

больше 1 года назад

Описание отсутствует

BDU:2022-05633

CVSS3: 7.8

fstec

почти 3 года назад

Уязвимость компонента POSIX CPU ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 52%

0.00296

Низкий