PT-2025-18569 · Linux+1 · Linux Kernel+1
Published
2025-05-01
·
Updated
2026-01-23
·
CVE-2022-49852
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A security issue has been identified in the Linux kernel, specifically related to the riscv process, where the
s[12] array in thread struct may contain random kernel memory content. This content could potentially leak to userspace, posing a security risk. The issue is resolved by clearing the s[12] array in thread struct when forking. Additionally, for the kthread case, it is recommended to clear the s[12] array as well.Recommendations
To resolve the issue, clear the
s[12] array in thread struct when forking.
As for the kthread case, clear the s[12] array as well to ensure security.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Linux Kernel