PT-2024-30726 · Linux+6 · Linux Kernel+6
Frederic Weisbecker · Published 2024-07-09 · Updated 2025-09-29 · CVE-2024-43869
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.50
Description
The Linux kernel has a vulnerability that can cause an event leak upon exec and file release. The perf pending task work is never waited on at the matching event release, which can result in a leaked event. The issue can be triggered when a child event is released directly via free_event(), and can also happen with perf_event_remove_on_exec() or against a concurrent perf_event_release(). The fix synchronizes against any remaining pending task work while freeing the event.
Recommendations
To resolve the issue, update the Linux kernel to version 6.6.50 or later. As a temporary workaround, consider disabling the perf event functionality until a patch is available. Restrict access to the perf event module to minimize the risk of exploitation. Avoid using the event->pending_sigtrap variable in the affected API endpoints until the issue is resolved.
Exploit
Fix
Memory Leak
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Mint
Linux Kernel
Red Hat
RED OS
SUSE
Ubuntu