In the Linux kernel, the following vulnerability has been resolved:
perf/aux: Fix AUX buffer serialization
Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it.
Note that in the lock order comment the perfevent::mmapmutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch.
{ "vanir_signatures": [ { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-02c6262c", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-071b8f70", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-0d8e3100", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-10c78968", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-128c003e", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "141288691897826274019409485835987582178", "121027614219588262925086015133977303007" ] }, "id": "CVE-2024-46713-1a755990", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-1b97faf0", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "332696640457471933936974554351091169777" }, "id": "CVE-2024-46713-2005fdbe", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "141288691897826274019409485835987582178", "121027614219588262925086015133977303007" ] }, "id": "CVE-2024-46713-2088b16f", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-2a808760", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-2ab72cbb", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "17307190875178520111776109714869401093", "193501455718802766401491963518375876713" ] }, "id": "CVE-2024-46713-3460be5f", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-38e31f5e", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "17307190875178520111776109714869401093", "193501455718802766401491963518375876713" ] }, "id": "CVE-2024-46713-4323ad40", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-68b162cf", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" }, { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-6d302552", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-7c2e861c", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-84b1ed82", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "17307190875178520111776109714869401093", "193501455718802766401491963518375876713" ] }, "id": "CVE-2024-46713-9522018a", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-95271a08", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-9ee1c72e", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-a3b35db3", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "19337692584186461614860229831658034196" }, "id": "CVE-2024-46713-ae8e2d14", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-b01c556d", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "19337692584186461614860229831658034196" }, "id": "CVE-2024-46713-b40ee419", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "length": 1452.0, "function_hash": "218048279105204688636301102860659340022" }, "id": "CVE-2024-46713-ba1d1dc1", "deprecated": false, "target": { "function": "perf_mmap_close", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-bdb8af7d", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-be87f047", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "332696640457471933936974554351091169777" }, "id": "CVE-2024-46713-c1d1e34a", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2ab9d830262c132ab5db2f571003d80850d56b2a" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-c261487e", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@52d13d224fdf1299c8b642807fa1ea14d693f5ff" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "101326254264114840020399520977204517336", "90713298660558023956214232021362888146", "339404165277892593733421034382693510498", "303590902959380942993474013117449837617", "145222583803016392094120543979013523628", "156208127946292321189180455433979919403", "113345231382295142722012076982602286666", "26150179421585196557889584453446997369", "275084856169781524932716410136717245107", "87602005204243832993799473201018405122", "231136277237564589075064206761382954781", "324786018573981522791069876278801764493", "262279799937313526957174804097616528116", "121809988582883095589477545826920662126", "130730386637446236275719083645394378919", "168238779439217833357165368205611080282", "334285152114406779059518000013310033767", "116759486124304963532142102312125370172", "289619292251606408923450074169635870656", "217698662548734268600699714579521750943", "40011835096359705690780822247270380823", "141288691897826274019409485835987582178", "121027614219588262925086015133977303007" ] }, "id": "CVE-2024-46713-cce05a62", "deprecated": false, "target": { "file": "kernel/events/core.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "332696640457471933936974554351091169777" }, "id": "CVE-2024-46713-d8bdf410", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "224356433663039463675813024064096407207", "33195447788927696577170311766380565087", "172202286668291577421642424430042798227" ] }, "id": "CVE-2024-46713-dc71a751", "deprecated": false, "target": { "file": "kernel/events/internal.h" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4b69bee3f4ef76809288fe6827bc14d4ae788ef" }, { "signature_version": "v1", "digest": { "threshold": 0.9, "line_hashes": [ "264953932619258206201369194162091933037", "300387027016771154413514653469030459289", "330306819072426770197281277041857632568", "219460719310306147576299243539429254013" ] }, "id": "CVE-2024-46713-edac73d6", "deprecated": false, "target": { "file": "kernel/events/ring_buffer.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" }, { "signature_version": "v1", "digest": { "length": 465.0, "function_hash": "311315743001601015796100920966320173108" }, "id": "CVE-2024-46713-f30f4dbc", "deprecated": false, "target": { "function": "ring_buffer_init", "file": "kernel/events/ring_buffer.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9b6882e243b653d379abbeaa64a500182aba370" }, { "signature_version": "v1", "digest": { "length": 3459.0, "function_hash": "19337692584186461614860229831658034196" }, "id": "CVE-2024-46713-fb2cad07", "deprecated": false, "target": { "function": "perf_mmap", "file": "kernel/events/core.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7882923f1cb88dc1a17f2bf0c81b1fc80d44db82" } ] }