CVE-2022-49607

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A data race has been identified between perf event set output() and perf mmap close() in the Linux kernel. This issue occurs when there is a concurrent execution of these two functions, leading to a potential deadlock situation. The problem arises because the loop in perf mmap close() holds the e2->mmap mutex lock, while the attach in perf event set output() holds the e1->mmap mutex lock, resulting in no serialization to avoid this race. This can cause a subsequent perf mmap() call to loop forever.

Recommendations To alleviate this problem, it is recommended to modify the perf event set output() function to take both e1->mmap mutex and e2->mmap mutex locks. Additionally, the loop in perf mmap() should be modified to detach the rb directly, avoiding the need to wait for the concurrent perf mmap close() to complete. At the moment, there is no information about a newer version that contains a fix for this vulnerability.