CVE-2024-46713
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
perf/aux: Fix AUX buffer serialization
Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it.
Note that in the lock order comment the perf_event::mmap_mutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < 7882923f1cb88dc1a17f2bf0c81b1fc80d44db82 | affected |
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < 52d13d224fdf1299c8b642807fa1ea14d693f5ff | affected |
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < 9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d | affected |
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < c4b69bee3f4ef76809288fe6827bc14d4ae788ef | affected |
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < b9b6882e243b653d379abbeaa64a500182aba370 | affected |
| Linux | Linux | 45bfb2e50471abbbfd83d40d28c986078b0d24ff < 2ab9d830262c132ab5db2f571003d80850d56b2a | affected |
| Linux | Linux | 4.1 | affected |
| Linux | Linux | 0 < 4.1 | unaffected |
| Linux | Linux | 5.10.226 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.167 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.110 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.51 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.10 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
References
- https://git.kernel.org/stable/c/7882923f1cb88dc1a17f2bf0c81b1fc80d44db82
- https://git.kernel.org/stable/c/52d13d224fdf1299c8b642807fa1ea14d693f5ff
- https://git.kernel.org/stable/c/9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d
- https://git.kernel.org/stable/c/c4b69bee3f4ef76809288fe6827bc14d4ae788ef
- https://git.kernel.org/stable/c/b9b6882e243b653d379abbeaa64a500182aba370
- https://git.kernel.org/stable/c/2ab9d830262c132ab5db2f571003d80850d56b2a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.