{"id":"CVE-2022-2585","details":"It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.","modified":"2026-04-03T13:14:40.962310705Z","published":"2024-01-08T18:15:44.383Z","related":["ALSA-2022:7318","ALSA-2022:7319","MGASA-2022-0305","MGASA-2022-0308","SUSE-SU-2022:2803-1","SUSE-SU-2022:3072-1","SUSE-SU-2022:3108-1","SUSE-SU-2022:3288-1","SUSE-SU-2025:02264-1","SUSE-SU-2025:02321-1","SUSE-SU-2025:02322-1","SUSE-SU-2025:02537-1"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5564-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5565-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5566-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5567-1"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585"},{"type":"FIX","url":"https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u"},{"type":"ARTICLE","url":"https://www.openwall.com/lists/oss-security/2022/08/09/7"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.7"},{"fixed":"5.10.137"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.61"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.18.18"}]},{"events":[{"introduced":"5.19"},{"fixed":"5.19.2"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]},{"events":[{"introduced":"0"},{"last_affected":"22.04"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2585.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}