Linux Distros Unpatched Vulnerability : CVE-2022-50095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b posix-cpu- timers: Store a reference to a pid not a task started lookin...

kernel: execve: must clear current->clear_child_tid

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current-clearchildtid pointer, which allows local users to cause a denial of service memory corruption or possibly gain privileges via a clone system call with CLONECHILDSETTID or...

2.2.12.execve.txt

From: [email protected] Subject: execve bug linux-2.2.12 While doing some debugging, I discovered a really nasty stack smash bug in linux-2.2.12. The I haven't checked previous versions of the 2.2 kernel but bug appears to be fixed in linux-2.2.13pre17. If I am reading this correctly, the...