exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 13

CVE-2024-43870

10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_work engine are ignored. And since the last call for events exit happen after task work is eventually closed, there is a small window during which pending sigtrap can be queued though ignored, leaking the event refcount addition such as in the following scenario: TASK A ----- do_exit() exit_task_work(tsk); <IRQ> perf_event_overflow() event->pending_sigtrap = pending_id; irq_work_queue(&event->pending_irq); </IRQ> =========> PREEMPTION: TASK A -> TASK B event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) // FAILS: task work has exited task_work_add(&event->pending_task) [...] <IRQ WORK> perf_pending_irq() // early return: event->oncpu = -1 </IRQ WORK> [...]...

EPSS: Низкий

CVE-2024-43870

10 месяцев назад

CVSS3: 5.1

EPSS: Низкий

CVE-2024-43870

10 месяцев назад

EPSS: Низкий

CVE-2024-43870

10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: p ...

EPSS: Низкий

GHSA-24f8-f4wm-56gg

10 месяцев назад

EPSS: Низкий

BDU:2025-01934

12 месяцев назад

Уязвимость компонента perf ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

ROS-20250205-02

4 месяца назад

Множественные уязвимости kernel-lt

CVSS3: 7.8

EPSS: Низкий

SUSE-SU-2024:3553-1

8 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3564-1

8 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3561-1

8 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:3551-1

8 месяцев назад

Security update for the Linux Kernel

EPSS: Низкий

ELSA-2024-12815

7 месяцев назад

ELSA-2024-12815: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS: Низкий

ELSA-2024-9315

7 месяцев назад

ELSA-2024-9315: kernel security update (MODERATE)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-43870 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_work engine are ignored. And since the last call for events exit happen after task work is eventually closed, there is a small window during which pending sigtrap can be queued though ignored, leaking the event refcount addition such as in the following scenario: TASK A ----- do_exit() exit_task_work(tsk); <IRQ> perf_event_overflow() event->pending_sigtrap = pending_id; irq_work_queue(&event->pending_irq); </IRQ> =========> PREEMPTION: TASK A -> TASK B event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) // FAILS: task work has exited task_work_add(&event->pending_task) [...] <IRQ WORK> perf_pending_irq() // early return: event->oncpu = -1 </IRQ WORK> [...]...		0% Низкий	10 месяцев назад
CVE-2024-43870 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_work engine are ignored. And since the last call for events exit happen after task work is eventually closed, there is a small window during which pending sigtrap can be queued though ignored, leaking the event refcount addition such as in the following scenario: TASK A ----- do_exit() exit_task_work(tsk); <IRQ> perf_event_overflow() event->pending_sigtrap = pending_id; irq_work_queue(&event->pending_irq); </IRQ> =========> PREEMPTION: TASK A -> TASK B event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) // FAILS: task work has exited task_work_add(&event->pending_task) [...] <IRQ WORK> perf_pending_irq() // early return: event->oncpu = -1 </IRQ WORK> [...] =====...	CVSS3: 5.1	0% Низкий	10 месяцев назад
CVE-2024-43870 In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_work engine are ignored. And since the last call for events exit happen after task work is eventually closed, there is a small window during which pending sigtrap can be queued though ignored, leaking the event refcount addition such as in the following scenario: TASK A ----- do_exit() exit_task_work(tsk); <IRQ> perf_event_overflow() event->pending_sigtrap = pending_id; irq_work_queue(&event->pending_irq); </IRQ> =========> PREEMPTION: TASK A -> TASK B event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) // FAILS: task work has exited task_work_add(&e		0% Низкий	10 месяцев назад
CVE-2024-43870 In the Linux kernel, the following vulnerability has been resolved: p ...		0% Низкий	10 месяцев назад
GHSA-24f8-f4wm-56gg In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred to the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_work engine are ignored. And since the last call for events exit happen after task work is eventually closed, there is a small window during which pending sigtrap can be queued though ignored, leaking the event refcount addition such as in the following scenario: TASK A ----- do_exit() exit_task_work(tsk); <IRQ> perf_event_overflow() event->pending_sigtrap = pending_id; irq_work_queue(&event->pending_irq); </IRQ> =========> PREEMPTION: TASK A -> TASK B event_sched_out() event->pending_sigtrap = 0; atomic_long_inc_not_zero(&event->refcount) // FAILS: task work has exited task_work_add...		0% Низкий	10 месяцев назад
BDU:2025-01934 Уязвимость компонента perf ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	0% Низкий	12 месяцев назад
ROS-20250205-02 Множественные уязвимости kernel-lt	CVSS3: 7.8		4 месяца назад
SUSE-SU-2024:3553-1 Security update for the Linux Kernel			8 месяцев назад
SUSE-SU-2024:3564-1 Security update for the Linux Kernel			8 месяцев назад
SUSE-SU-2024:3561-1 Security update for the Linux Kernel			8 месяцев назад
SUSE-SU-2024:3551-1 Security update for the Linux Kernel			8 месяцев назад
ELSA-2024-12815 ELSA-2024-12815: Unbreakable Enterprise kernel security update (IMPORTANT)			7 месяцев назад
ELSA-2024-9315 ELSA-2024-9315: kernel security update (MODERATE)			7 месяцев назад

Уязвимостей на страницу