Linux Kernel Race Condition Vulnerability in perf Event Handling

Vulnerability

A race condition vulnerability has been identified in the Linux kernel's perf subsystem, specifically between the functions perf_event_set_output() and perf_mmap_close(). The two functions are not properly synchronized when managing event output and memory mapping, which can lead to a denial-of-service condition. The issue arises when one thread closes a memory mapping for a perf event while another thread is setting the output for a different event. The second event can then become attached to an unmapped resource, leading to an infinite loop in subsequent memory mapping operations.

Impact

Exploitation of this vulnerability causes a deadlock: the system gets stuck in a loop, unable to complete a memory mapping operation because the event was not properly detached.

Remediation

The vulnerability has been addressed by modifying the perf_event_set_output() function to acquire the necessary locks for both the output and the memory mapping, ensuring proper synchronization. Users should upgrade to the latest version of the Linux kernel where this fix has been applied.
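
The following is an added example, not kernel code and not the actual patch: a userspace model in C of the pattern the remediation describes, where the "is it still mapped" check and the attach both happen while both events' locks are held. The names (struct ring, struct event, lock_pair, set_output, mmap_close) and the address-ordered lock acquisition are assumptions made for this model.

```c
/* Userspace model of the locking pattern; hypothetical names, not kernel code. */
#include <pthread.h>
#include <stddef.h>
#include <stdint.h>

struct ring { int mmap_count; };        /* shared output buffer */
struct event {
    pthread_mutex_t mmap_mutex;         /* guards rb for this event */
    struct ring *rb;                    /* NULL when detached */
};

/* Take both mutexes in address order so two callers cannot deadlock ABBA. */
static void lock_pair(struct event *a, struct event *b)
{
    if ((uintptr_t)a > (uintptr_t)b) { struct event *t = a; a = b; b = t; }
    pthread_mutex_lock(&a->mmap_mutex);
    if (a != b)
        pthread_mutex_lock(&b->mmap_mutex);
}

static void unlock_pair(struct event *a, struct event *b)
{
    pthread_mutex_unlock(&a->mmap_mutex);
    if (a != b)
        pthread_mutex_unlock(&b->mmap_mutex);
}

/* Redirect ev's output into out's buffer: 0 on success, -1 if the buffer is
 * no longer mapped. Check and attach run under both locks, so a concurrent
 * mmap_close(out) happens entirely before or entirely after them. */
int set_output(struct event *ev, struct event *out)
{
    int ret = -1;
    lock_pair(ev, out);
    if (out->rb && out->rb->mmap_count > 0) {
        ev->rb = out->rb;
        ret = 0;
    }
    unlock_pair(ev, out);
    return ret;
}

/* Drop one mapping; the last unmap detaches the closing event. Simplification:
 * walking the other events attached to the same buffer is left out. */
void mmap_close(struct event *ev)
{
    pthread_mutex_lock(&ev->mmap_mutex);
    if (ev->rb && --ev->rb->mmap_count == 0)
        ev->rb = NULL;
    pthread_mutex_unlock(&ev->mmap_mutex);
}
```
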

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.