It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2117010]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7318 https://access.redhat.com/errata/RHSA-2022:7318
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7319 https://access.redhat.com/errata/RHSA-2022:7319
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:7330 https://access.redhat.com/errata/RHSA-2022:7330
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-2585