Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: The process of cleaning up CPU timers before releasing them during execution. The commit 55e8c8eb2c7b “posix-cpu-timers: Store a reference to a pid instead of a task” corrected the behavior where tasks were...

SUSE-SU-2026:20635-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39698: iouring/futex: ensure iofutexwait...

kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...

kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...

RHEL 9 : kernel (RHSA-2025:15661)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15661 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...

kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...

ALSA-2025:15471 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Don't use tnumrange on array range checking for poke descriptors CVE-2022-49985 kernel: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 Fo...

DEBIAN-CVE-2025-38352

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting non-autoreaping task has already passed exitnotify and calls handleposixcputimers from IRQ, it can be reaped by its parent or debugger rig...

CVE-2025-38352 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting non-autoreaping task has already passed exitnotify and calls handleposixcputimers from IRQ, it can be reaped by its parent or debugger rig...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between posix-cpu-timers and posixcputimerdel, which could result in tasks being incorrectl...

CVE-2022-2585

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...

Rocky Linux 9 : kernel (RLSA-2022:7318)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7318 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting t...

AlmaLinux 9 : kernel-rt (ALSA-2022:7319)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7319 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the...

Important: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set PTRACEOSUSPENDSECCOMP option CVE-2022-30594 For more details abou...

PT-2022-33813 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to the cleanup of CPU timers before freeing them during exec. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel POSIX CPU timer, which stems from the fact that reuse after release can lead to local privilege escalation...