
Race conditions in Linux Kernel perf events


We disclosed this vulnerability to the kernel security team through responsible disclosure. The patch on the mailing list is visible here. We are publishing the vulnerability to demonstrate that it is fully exploitable and to ensure that the technical details are available.

No CVE number has been assigned yet: as per the kernel team's policy, CVEs are only issued once a fix is available and rolled out. We will retroactively add that information when it becomes available.

In particular, as long as check_pages_enabled is true, the exploit strategy laid out in this blog post will not work. This is the case if init_on_alloc, page poisoning, init_on_free, CONFIG_DEBUG_PAGEALLOC or CONFIG_DEBUG_VM are enabled.

user_page points to a special page that user space can write to in order to communicate ring buffer state and configuration.
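To check a host against the options listed above, the following added example (not code from the original post or from the kernel) reports which option, if any, would be expected to turn on check_pages_enabled. The function names are hypothetical, and the mapping from each option to its boot parameter and Kconfig default symbol is an assumption based on mainline naming.

```shell
#!/bin/sh
# Added example: which of the listed options, if any, is active for a given
# kernel command line and kernel config text.

# cfg_on CONFIG_TEXT SYMBOL: true when CONFIG_<SYMBOL>=y appears in the config.
cfg_on() { printf '%s\n' "$1" | grep -qx "CONFIG_$2=y"; }

# param CMDLINE NAME: print the last value given as NAME=value.
param() (
    set -f; val=
    for tok in $1; do
        case $tok in "$2"=*) val=${tok#*=} ;; esac
    done
    printf '%s' "$val"
)

# truthy VALUE: common boolean spellings (assumption: not the full kernel set).
truthy() { case $1 in 1|y|Y|on) return 0 ;; *) return 1 ;; esac; }

# enabled CMDLINE CONFIG PARAM DEFAULT_SYMBOL: an explicit boot parameter
# wins; otherwise fall back to the build-time default symbol (may be empty).
enabled() {
    v=$(param "$1" "$3")
    if [ -n "$v" ]; then truthy "$v"; else cfg_on "$2" "$4"; fi
}

# check_pages_reason CMDLINE CONFIG: print the first active option, or "none".
check_pages_reason() (
    cmdline=$1 config=$2
    if cfg_on "$config" DEBUG_VM; then echo CONFIG_DEBUG_VM
    elif cfg_on "$config" DEBUG_PAGEALLOC &&
         enabled "$cmdline" "$config" debug_pagealloc DEBUG_PAGEALLOC_ENABLE_DEFAULT
    then echo debug_pagealloc
    elif cfg_on "$config" PAGE_POISONING &&
         enabled "$cmdline" "$config" page_poison ""
    then echo page_poison
    elif enabled "$cmdline" "$config" init_on_alloc INIT_ON_ALLOC_DEFAULT_ON
    then echo init_on_alloc
    elif enabled "$cmdline" "$config" init_on_free INIT_ON_FREE_DEFAULT_ON
    then echo init_on_free
    else echo none
    fi
)

# Constructed sample input (not from a real host): poisoning is built in but
# not requested, and the init_on_alloc default is overridden at boot.
SAMPLE_CONFIG='CONFIG_PAGE_POISONING=y
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y'
check_pages_reason 'ro quiet init_on_alloc=0' "$SAMPLE_CONFIG"
```

On a real system, pass the contents of /proc/cmdline and the running kernel's config file (for example /boot/config-$(uname -r), where the distribution ships it) as the two arguments.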
