exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 11

CVE-2024-43869

10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially result in a leaked event, such as in the following scenario that doesn't even require a weak IRQ work implementation to trigger: schedule() prepare_task_switch() =======> <NMI> perf_event_overflow() event->pending_sigtrap = ... irq_work_queue(&event->pending_irq) <======= </NMI> perf_event_task_sched_out() event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) task_work_add(&event->pending_task) finish_lock_switch() =======> <IRQ> perf_pending_irq() //do nothing, rely on pending task work <======= </IRQ> begin_new_exec() perf_event_exit_task() perf_event_exit_event() // If is child event free_event() WARN(atomic_long_cmpxchg(&event->refcount, 1, 0) != 1) // event is leake...

EPSS: Низкий

CVE-2024-43869

10 месяцев назад

CVSS3: 6.1

EPSS: Низкий

CVE-2024-43869

10 месяцев назад

EPSS: Низкий

CVE-2024-43869

10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: p ...

EPSS: Низкий

GHSA-9vrp-98c8-qqx8

10 месяцев назад

EPSS: Низкий

BDU:2025-01731

12 месяцев назад

Уязвимость компонента perf ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

ROS-20250204-01

5 месяцев назад

Множественные уязвимости kernel-lt

CVSS3: 7.8

EPSS: Низкий

SUSE-SU-2025:01965-1

3 дня назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:01964-1

3 дня назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2025:01919-1

8 дней назад

Security update for the Linux Kernel

EPSS: Низкий

ELSA-2024-9315

7 месяцев назад

ELSA-2024-9315: kernel security update (MODERATE)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-43869 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially result in a leaked event, such as in the following scenario that doesn't even require a weak IRQ work implementation to trigger: schedule() prepare_task_switch() =======> <NMI> perf_event_overflow() event->pending_sigtrap = ... irq_work_queue(&event->pending_irq) <======= </NMI> perf_event_task_sched_out() event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) task_work_add(&event->pending_task) finish_lock_switch() =======> <IRQ> perf_pending_irq() //do nothing, rely on pending task work <======= </IRQ> begin_new_exec() perf_event_exit_task() perf_event_exit_event() // If is child event free_event() WARN(atomic_long_cmpxchg(&event->refcount, 1, 0) != 1) // event is leake...		0% Низкий	10 месяцев назад
CVE-2024-43869 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially result in a leaked event, such as in the following scenario that doesn't even require a weak IRQ work implementation to trigger: schedule() prepare_task_switch() =======> <NMI> perf_event_overflow() event->pending_sigtrap = ... irq_work_queue(&event->pending_irq) <======= </NMI> perf_event_task_sched_out() event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) task_work_add(&event->pending_task) finish_lock_switch() =======> <IRQ> perf_pending_irq() //do nothing, rely on pending task work <======= </IRQ> begin_new_exec() perf_event_exit_task() perf_event_exit_event() // If is child event free_event() WARN(atomic_long_cmpxchg(&event->refcount, 1, 0) != 1) // event is leaked Si...	CVSS3: 6.1	0% Низкий	10 месяцев назад
CVE-2024-43869 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially result in a leaked event, such as in the following scenario that doesn't even require a weak IRQ work implementation to trigger: schedule() prepare_task_switch() =======> <NMI> perf_event_overflow() event->pending_sigtrap = ... irq_work_queue(&event->pending_irq) <======= </NMI> perf_event_task_sched_out() event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) task_work_add(&event->pending_task) finish_lock_switch() =======> <IRQ> perf_pending_irq() //do nothing, rely on pending task work <======= </IRQ> begin_new_exec() perf_event_exit_task() perf_event_exit_event()		0% Низкий	10 месяцев назад
CVE-2024-43869 In the Linux kernel, the following vulnerability has been resolved: p ...		0% Низкий	10 месяцев назад
GHSA-9vrp-98c8-qqx8 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via free_event() directly, this can potentially result in a leaked event, such as in the following scenario that doesn't even require a weak IRQ work implementation to trigger: schedule() prepare_task_switch() =======> <NMI> perf_event_overflow() event->pending_sigtrap = ... irq_work_queue(&event->pending_irq) <======= </NMI> perf_event_task_sched_out() event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) task_work_add(&event->pending_task) finish_lock_switch() =======> <IRQ> perf_pending_irq() //do nothing, rely on pending task work <======= </IRQ> begin_new_exec() perf_event_exit_task() perf_event_exit_event() ...		0% Низкий	10 месяцев назад
BDU:2025-01731 Уязвимость компонента perf ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	0% Низкий	12 месяцев назад
ROS-20250204-01 Множественные уязвимости kernel-lt	CVSS3: 7.8		5 месяцев назад
SUSE-SU-2025:01965-1 Security update for the Linux Kernel			3 дня назад
SUSE-SU-2025:01964-1 Security update for the Linux Kernel			3 дня назад
SUSE-SU-2025:01919-1 Security update for the Linux Kernel			8 дней назад
ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE)			7 месяцев назад

Уязвимостей на страницу