From 3a32e6a63a165e917f77b5766bda732cc730e682 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 9 Aug 2022 19:21:45 +0200
Subject: Add CVE-2022-2585

---
 active/CVE-2022-2585 | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 active/CVE-2022-2585

diff --git a/active/CVE-2022-2585 b/active/CVE-2022-2585
new file mode 100644
index 00000000..06e4315e
--- /dev/null
+++ b/active/CVE-2022-2585
@@ -0,0 +1,12 @@
+Description: Linux kernel POSIX CPU timer UAF
+References:
+ https://www.openwall.com/lists/oss-security/2022/08/09/7
+ https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u
+Notes:
+Bugs:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code introduced later"
+sid: pending (5.18.16-1) [bugfix/all/posix-cpu-timers-Cleanup-CPU-timers-before-freeing-t.patch]
+5.10-bullseye-security: needed
+4.19-buster-security: N/A "Vulnerable code introduced later"
-- 
cgit v1.2.3