Ole

#33586 of 53,624
7.8 Total CVSS
Vulnerabilities · 1
PT-2024-8760
7.8
2024-09-02
Linux · Linux Kernel · CVE-2024-46713
**Name of the Vulnerable Software and Affected Versions**

Linux kernel versions prior to 6.10.9

**Description**

The issue is in the serialization of the perf AUX buffer in the Linux kernel. Specifically, `event->mmap_mutex` is insufficient to serialize the AUX buffer, so access to the buffer is not fully serialized. This could impact the confidentiality, integrity, and availability of the system. The problem arises from the incorrect lock order of `perf_event::mmap_mutex` under `mmap_lock`.

**Recommendations**

To resolve the issue, upgrade the Linux kernel to a version newer than 6.10.9. As a temporary workaround, consider restricting access to the vulnerable `perf/aux` component until a patch is applied.