Linux · Linux Kernel · CVE-2009-2767
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 2.6.31-rc6
**Description**
The issue allows local users to cause a denial of service or possibly gain privileges via a specific clock nanosleep call that triggers a NULL pointer dereference. This is related to the init posix timers function in kernel/posix-timers.c.
**Recommendations**
For versions prior to 2.6.31-rc6, update to version 2.6.31-rc6 or later to resolve the issue. As a temporary workaround, consider restricting access to the CLOCK MONOTONIC RAW clock to minimize the risk of exploitation.