Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-2585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...

7.8CVSS6.5AI score0.01284EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.14 views

Alibaba Cloud Linux 3 : 0002: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0002)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0002 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-4037: A vulnerability was found i...

8.8CVSS4.9AI score0.12746EPSS
Exploits27References52
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.20 views

Siemens SIMATIC S7-1500 TM MFP BIOS Use After Free (CVE-2022-2585)

A use-after-free flaw was found in the Linux kernel's POSIX CPU timers functionality in the way a user creates and then deletes the timer in the non-leader thread of the program. This flaw allows a local user to crash or potentially escalate their privileges on the system. This plugin only works...

7.8CVSS6.4AI score0.01284EPSS
Exploits3References4
CBLMariner
CBLMariner
added 2024/04/09 8:48 p.m.18 views

CVE-2022-2585 affecting package kernel for versions less than 5.15.153.1-1

CVE-2022-2585 affecting package kernel for versions less than 5.15.153.1-1. A patched version of the package is available...

7.8CVSS6.6AI score0.01284EPSS
Exploits3
CVE
CVE
added 2024/01/08 5:38 p.m.248 views

CVE-2022-2585

CVE-2022-2585 is a Linux kernel use-after-free vulnerability in POSIX CPU timers when exec() occurs from a non-leader thread. The issue stems from armed timers left on a list but freed, enabling local privilege escalation. Public advisories (e.g., AlmaLinux/ALAS and Debian bulletins) confirm the ...

7.8CVSS7.3AI score0.01284EPSS
Exploits3References7Affected Software1
Cvelist
Cvelist
added 2024/01/08 5:38 p.m.31 views

CVE-2022-2585

It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free...

5.3CVSS7.8AI score0.01284EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.26 views

Rocky Linux 9 : kernel-rt (RLSA-2022:7319)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7319 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting t...

7.8CVSS6.9AI score0.01284EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.40 views

AlmaLinux 9 : kernel (ALSA-2022:7318)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7318 advisory. - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACESEIZE code path allows attackers to bypass intended restrictions on setting the...

7.8CVSS6.9AI score0.01284EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.24 views

RHEL 9 : kpatch-patch (RHSA-2022:7330)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7330 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...

7.8CVSS6.9AI score0.01284EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.38 views

RHEL 9 : kernel-rt (RHSA-2022:7319)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7319 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.8CVSS6.8AI score0.01284EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2022/11/03 12:0 a.m.31 views

RHEL 9 : kernel (RHSA-2022:7318)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7318 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: posix cpu timer use-after-free may lea...

7.8CVSS6.7AI score0.01284EPSS
Exploits4References7
OSV
OSV
added 2022/11/02 1:52 p.m.35 views

RLSA-2022:7319 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

7.8CVSS7.3AI score0.01284EPSS
Exploits4References3
OSV
OSV
added 2022/11/02 1:52 p.m.39 views

RLSA-2022:7318 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set PTRACEOSUSPENDSECCOMP option CVE-2022-30594 For more details abou...

7.8CVSS7.1AI score0.01284EPSS
Exploits4References3
OSV
OSV
added 2022/11/02 12:0 a.m.46 views

ALSA-2022:7319 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

7.8CVSS7.2AI score0.01284EPSS
Exploits4References6
OSV
OSV
added 2022/11/02 12:0 a.m.46 views

ALSA-2022:7318 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set PTRACEOSUSPENDSECCOMP option CVE-2022-30594 For more details abou...

7.8CVSS7AI score0.01284EPSS
Exploits4References6
AlmaLinux
AlmaLinux
added 2022/11/02 12:0 a.m.47 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: posix cpu timer use-after-free may lead to local privilege escalation CVE-2022-2585 Unprivileged users may use PTRACESEIZE to set...

7.8CVSS7.6AI score0.01284EPSS
Exploits4References6
Amazon
Amazon
added 2022/10/11 12:0 a.m.10 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the putdevice down a bit to avoid the use after free. wsa: added comment to the code, added Fixes...

7.8CVSS5.2AI score0.12746EPSS
Exploits17
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.50 views

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9830 advisory. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - netfilter:...

7.8CVSS7.4AI score0.12746EPSS
Exploits23References7
Oracle linux
Oracle linux
added 2022/09/21 12:0 a.m.52 views

Unbreakable Enterprise kernel security update

5.15.0-2.52.3 - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - fix race between exititimers and /proc/pid/timers Oleg Nesterov Orabug: 34495548 - rds: ib: Add preemption control when using per-cpu variables Hakon...

7.8CVSS7.8AI score0.12746EPSS
Exploits23
Oracle linux
Oracle linux
added 2022/09/21 12:0 a.m.68 views

Unbreakable Enterprise kernel-container security update

5.15.0-2.52.3.el8 - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Thadeu Lima de Souza Cascardo Orabug: 34495548 CVE-2022-2585 - fix race between exititimers and /proc/pid/timers Oleg Nesterov Orabug: 34495548 - rds: ib: Add preemption control when using per-cpu variables...

7.8CVSS7.8AI score0.12746EPSS
Exploits23
Rows per page
Query Builder