CVE-2022-2585
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
| Software | From | Fixed in |
|---|---|---|
| canonical / ubuntu_linux | 20.04 | 20.04.x |
| canonical / ubuntu_linux | 22.04 | 22.04.x |
| linux / linux_kernel | 5.16 | 5.18.18 |
| linux / linux_kernel | 5.19 | 5.19.2 |
| linux / linux_kernel | 5.11 | 5.15.61 |
| linux / linux_kernel | 5.7 | 5.10.137 |
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585
- https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u
- https://ubuntu.com/security/notices/USN-5564-1
- https://ubuntu.com/security/notices/USN-5565-1
- https://ubuntu.com/security/notices/USN-5566-1
- https://ubuntu.com/security/notices/USN-5567-1
- https://www.openwall.com/lists/oss-security/2022/08/09/7
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime