CVE-2024-46713

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-46713

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46713.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-46713

Downstream

BELL-CVE-2024-46713

CLSA-2025-1763722365

CLSA-2025-1763734783

CLSA-2025-1764151168

CLSA-2026-1777614651

DEBIAN-CVE-2024-46713

DLA-3912-1

DLA-4008-1

DSA-5782-1

MGASA-2024-0316

MGASA-2024-0318

OESA-2024-2491

OESA-2024-2492

OESA-2024-2493

OESA-2024-2494

RHSA-2025:0059

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01964-1

SUSE-SU-2025:01965-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:01972-1

SUSE-SU-2025:02000-1

SUSE-SU-2025:02846-1

SUSE-SU-2025:20408-1

SUSE-SU-2025:20413-1

SUSE-SU-2025:20419-1

SUSE-SU-2025:20421-1

UBUNTU-CVE-2024-46713

Related

Published

2024-09-13T14:49:13.691Z

Modified

2026-05-28T03:54:06.072793265Z

Summary

perf/aux: Fix AUX buffer serialization

Details

In the Linux kernel, the following vulnerability has been resolved:

perf/aux: Fix AUX buffer serialization

Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it.

Note that in the lock order comment the perfevent::mmapmutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46713.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

45bfb2e50471abbbfd83d40d28c986078b0d24ff

Fixed

7882923f1cb88dc1a17f2bf0c81b1fc80d44db82

Fixed

52d13d224fdf1299c8b642807fa1ea14d693f5ff

Fixed

9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d

Fixed

c4b69bee3f4ef76809288fe6827bc14d4ae788ef

Fixed

b9b6882e243b653d379abbeaa64a500182aba370

Fixed

2ab9d830262c132ab5db2f571003d80850d56b2a

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46713.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.1.0

Fixed

5.10.226

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.167

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.110

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.51

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.10.10

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46713.json"