CVE-2022-2585

Description

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.

CVSS Version 3.1

nvd
CVE ID: CVE-2022-2585
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8

ubuntu
CVE ID: CVE-2022-2585
Base Score: 5.3
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
Impact Score: 4.2
Exploitability Score: 1.0

Content on GitHub

pirenga | watchers:7

2022-LPE-UAF
CVE-2022-2588,CVE-2022-2586,CVE-2022-2585

Refrence: GitHub

konoha279 | watchers:4

2022-LPE-UAF
CVE-2022-2588,CVE-2022-2586,CVE-2022-2585

Refrence: GitHub

Refrence: NVD MITRE

Description​

Content on GitHub​

Description

Content on GitHub