Linux · Linux Kernel · CVE-2009-2848
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 2.6.30-rc6
**Description**
The issue is related to the `execve` function in the Linux kernel, which does not properly clear the `current->clear_child_tid` pointer. This can be exploited by local users to cause a denial of service, resulting in memory corruption, or possibly gain privileges. The exploitation is possible via a `clone` system call with `CLONE_CHILD_SETTID` or `CLONE_CHILD_CLEARTID` enabled, which is not properly handled during thread creation and exit.
**Recommendations**
For Linux kernel versions prior to 2.6.30-rc6, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider restricting the use of the `clone` system call with `CLONE_CHILD_SETTID` or `CLONE_CHILD_CLEARTID` enabled until a patch is available.
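To triage hosts against the "prior to 2.6.30-rc6" boundary above, the following added example (not part of the original advisory) compares a kernel release string with that version. The function name `kernel_predates_fix` and the sample strings are constructed for illustration, and mainline version numbering is assumed: a vendor kernel may carry a backported fix that a version comparison cannot see.

```shell
#!/bin/sh
# Added example: compare a kernel release string with the 2.6.30-rc6
# boundary stated in the advisory. Assumes mainline version numbering.
# Returns 0 = older than 2.6.30-rc6, 1 = 2.6.30-rc6 or later, 2 = unparseable.
kernel_predates_fix() {
    k_rel=$1
    k_base=${k_rel%%-*}                  # "2.6.30" from "2.6.30-rc5"
    k_suffix=
    case $k_rel in *-*) k_suffix=${k_rel#*-} ;; esac

    k_ifs=$IFS; IFS=.
    set -- $k_base                       # split the base version on dots
    IFS=$k_ifs
    k_major=${1:-}; k_minor=${2:-0}; k_patch=${3:-0}; k_sub=${4:-}

    # Reject anything that is not purely numeric (empty major included).
    for k_n in "$k_major" "$k_minor" "$k_patch"; do
        case $k_n in ''|*[!0-9]*) return 2 ;; esac
    done

    [ "$k_major" -lt 2 ] && return 0; [ "$k_major" -gt 2 ] && return 1
    [ "$k_minor" -lt 6 ] && return 0; [ "$k_minor" -gt 6 ] && return 1
    [ "$k_patch" -lt 30 ] && return 0; [ "$k_patch" -gt 30 ] && return 1

    # Exactly 2.6.30: a stable point release (2.6.30.N) is later than rc6.
    [ -n "$k_sub" ] && return 1
    # Only release candidates rc1..rc5 precede rc6.
    case $k_suffix in
        rc[0-9]*)
            k_rc=${k_suffix#rc}; k_rc=${k_rc%%[!0-9]*}
            [ "$k_rc" -lt 6 ] && return 0 ;;
    esac
    return 1
}

# The running kernel plus constructed sample release strings.
for r in "$(uname -r)" 2.6.29.6 2.6.30-rc5 2.6.30-rc6 2.6.18-164.el5; do
    st=0; kernel_predates_fix "$r" || st=$?
    case $st in
        0) echo "$r: older than 2.6.30-rc6 by number; update or confirm a vendor backport" ;;
        1) echo "$r: 2.6.30-rc6 or later" ;;
        *) echo "$r: version not parseable" ;;
    esac
done
```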