The execve function in unspecified versions of the Linux kernel does
not clear the current->clear_child_tid pointer, which allows local
users to cause a denial of service (memory corruption) via a clone
system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled,
which is not properly handled during thread creation and exit.