← Back

CVE-2024-46713

nvd nist
Published: Sep 13, 2024Modified: Nov 3, 2025

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment the perf_event::mmap_mutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch.

Affected (11)

Products: Linux: Linux Kernel
Linux
1 product
Linux Kernel
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 4.1 to 5.10.226
Linux Kernel
From 5.11 to 5.15.167
Linux Kernel
From 5.16 to 6.1.110
Linux Kernel
From 6.2 to 6.6.51
Linux Kernel
From 6.7 to 6.10.10
Linux Kernel
Version 6.11 rc1
Linux Kernel
Version 6.11 rc2
Linux Kernel
Version 6.11 rc3
Linux Kernel
Version 6.11 rc4
Linux Kernel
Version 6.11 rc5
Linux Kernel
Version 6.11 rc6

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (8)

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.