Shuai Xue

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the perf/core component of the Linux kernel, where a large AUX area request can cause the system to fail with a "Cannot allocate memory" error, revealing a WARNING with alloc pages(). This occurs when the size of the pointer array `rb->aux pages` crosses the limitation set by MAX ORDER. The allocated page for this array is physically contiguous and virtually contiguous with an order of 0..MAX ORDER. Technical details about exploitation include: - The `rb alloc aux` function is involved in the allocation of the `rb->aux pages` array. - The `perf mmap` function is used to map the AUX area into memory. - The `/usr/bin/perf record` command with a large AUX area can trigger the issue, for example: `#perf record -C 0 -m ,4G -e arm spe 0// -- sleep 1`. - The ` alloc pages` function is where the WARNING is triggered. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.