PT-2025-30384 · Linux · Linux Kernel

Published: 2025-07-22 · Updated: 2025-09-12 · CVE-2025-38352

CVSS v3.1: 7.4
Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Linux kernel versions prior to 6.1.147-1

Linux kernel version 6.6.101

**Description:**

A race condition exists in the Linux kernel's POSIX CPU timer handling, specifically within the `handle_posix_cpu_timers()` and `posix_cpu_timer_del()` functions. It can occur when an exiting task is reaped, potentially leading to a use-after-free. An attacker with local user access could exploit this flaw to crash the system or escalate their privileges. The vulnerability is actively exploited. The fix adds a check of `tsk->exit_state` within the `run_posix_cpu_timers()` function. This fix is not required when the kernel is built with `CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y`.

**Recommendations:**

Linux kernel versions prior to 6.1.147-1: Upgrade to version 6.1.147-1 or later.

Linux kernel versions prior to 6.6.101: Upgrade to version 6.6.101 or later.
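As an added check that is not part of this advisory or of the kernel project, the following POSIX shell script applies the two version thresholds above together with the `CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y` exemption from the description; the function names `vercmp`, `assess_kernel` and `live_check` are chosen here, and the sample config fragments are constructed.

```shell
#!/bin/sh
# Added example, not from the advisory or the kernel tree: applies this page's
# thresholds (6.1.x before 6.1.147-1, 6.6.x before 6.6.101 affected) and the
# CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y exemption. Other branches are not guessed.

# vercmp A B: numeric compare of dotted/dashed version strings; prints -1, 0
# or 1. Missing components and non-numeric tokens (rc1, amd64) count as 0.
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, /[.-]/); nb = split(b, B, /[.-]/)
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (A[i] ~ /^[0-9]+$/) ? A[i] + 0 : 0
      y = (B[i] ~ /^[0-9]+$/) ? B[i] + 0 : 0
      if (x < y) { print "-1"; exit }
      if (x > y) { print "1"; exit }
    }
    print "0"
  }'
}
# assess_kernel VERSION CONFIG_TEXT: prints exempt, affected, patched or
# unknown-branch. VERSION needs the upstream patch level (e.g. the kernel
# package version), not a distro ABI string such as 6.1.0-37-amd64.
assess_kernel() {
  if printf '%s\n' "$2" | grep -qx 'CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y'; then
    echo exempt; return 0   # advisory: fix not required with this option
  fi
  case "$1" in
    6.1|6.1.*|6.1-*) fixed=6.1.147-1 ;;
    6.6|6.6.*|6.6-*) fixed=6.6.101 ;;
    *) echo unknown-branch; return 0 ;;
  esac
  if [ "$(vercmp "$1" "$fixed")" -lt 0 ]; then echo affected; else echo patched; fi
}
# Constructed sample config fragments (not from a real build) for offline use.
SAMPLE_CFG_TASK_WORK='CONFIG_POSIX_TIMERS=y
CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y'
SAMPLE_CFG_NO_TASK_WORK='CONFIG_POSIX_TIMERS=y
# CONFIG_POSIX_CPU_TIMERS_TASK_WORK is not set'
# live_check: assess the running kernel; config comes from /boot/config-<ver>
# or /proc/config.gz when readable, else empty (treated as no exemption).
live_check() {
  v=$(uname -r); c=""
  if [ -r "/boot/config-$v" ]; then c=$(cat "/boot/config-$v")
  elif [ -r /proc/config.gz ]; then c=$(gzip -dc /proc/config.gz); fi
  printf '%s: %s\n' "$v" "$(assess_kernel "$v" "$c")"
}

if [ "${1:-}" = "--live" ]; then live_check; fi
```

Run with `--live` to assess the current host; on distributions whose `uname -r` does not carry the upstream patch level, pass the kernel package version to `assess_kernel` instead.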

Fix

Weakness Enumeration

Time Of Check To Time Of Use

Race Condition

Related Identifiers

ALSA-2025:15471
ALSA-2025:15472
ASB-A-425282960
BDU:2025-10870
CVE-2025-38352
DSA-5973-1
MGASA-2025-0218
MGASA-2025-0219
OESA-2025-2002
OESA-2025-2003
OESA-2025-2004
OESA-2025-2005
OESA-2025-2006
RHSA-2025_15471
RHSA-2025_15472
RHSA-2025_15661
SUSE-SU-2025:02853-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:02969-1
SUSE-SU-2025:03023-1

Affected Products

Astra Linux
Debian
Linux Kernel
Red Hat
Red Os