Linux Kernel SIGTRAP Handling Vulnerability in perf Event Management

Vulnerability

A vulnerability in the Linux kernel's perf event management, related to the handling of SIGTRAP signals, has been addressed. The __perf_event_overflow() function did not adequately check for pending SIGTRAP signals before returning to user space. As a result, certain events could interrupt the process before the SIGTRAP was properly handled, potentially leading to missed signals and improper event management. The vulnerability was identified in the context of software performance events, particularly those related to CPU clock counting.

Impact

The vulnerability could lead to improper handling of performance events, causing missed SIGTRAP signals, which are crucial for event management in user space applications. This could disrupt the intended performance monitoring and event handling processes.

Reproduction

The vulnerability can be reproduced by creating a performance event of type PERF_TYPE_SOFTWARE with the configuration PERF_COUNT_SW_CPU_CLOCK. Such an event can trigger before the associated IRQ work has had a chance to run, and without the task having returned to user space in between, which causes the __perf_event_overflow() function to issue a warning about the missed SIGTRAP.
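
To check whether a host has already hit the warning described above, its kernel log can be scanned for WARN reports raised from __perf_event_overflow(). The following is an added example, not code from the advisory or the kernel project; it assumes the classic "WARNING: CPU: N PID: N at file:line func+0x..." report layout, and the sample log is constructed with placeholder paths, PIDs and kernel release.

```python
import re

# Constructed sample (not captured from a real system); paths, offsets,
# PIDs, task names and the kernel release are placeholders.
SAMPLE_LOG = """\
[  101.000001] ------------[ cut here ]------------
[  101.000002] WARNING: CPU: 2 PID: 4321 at path/placeholder.c:0 __perf_event_overflow+0x10/0x20
[  101.000003] Modules linked in:
[  101.000004] CPU: 2 PID: 4321 Comm: sample-task Not tainted 0.0.0-placeholder #1
[  101.000005] ---[ end trace 0000000000000000 ]---
[  202.000001] ------------[ cut here ]------------
[  202.000002] WARNING: CPU: 0 PID: 77 at path/other.c:0 unrelated_function+0x10/0x20
[  202.000003] CPU: 0 PID: 77 Comm: other-task Not tainted 0.0.0-placeholder #1
[  202.000004] ---[ end trace 0000000000000000 ]---
"""

# Header line of a kernel WARN report: CPU, PID, source location, function.
WARN = re.compile(r"WARNING: CPU: (?P<cpu>\d+) PID: (?P<pid>\d+) "
                  r"at (?P<where>\S+) (?P<func>[\w.]+)\+")
# Task name and kernel release from the report's "Comm:" line; the taint
# field is either "Not tainted" or "Tainted:" followed by flag letters.
COMM = re.compile(r"Comm: (?P<comm>.+?) (?:Not tainted|Tainted: [A-Z ]+?) +"
                  r"(?P<release>\d\S*)")

def find_overflow_warnings(log_text, func="__perf_event_overflow"):
    """Return one dict per WARN report whose faulting function is `func`."""
    hits, current = [], None
    for line in log_text.splitlines():
        m = WARN.search(line)
        if m:
            # Compiler clones appear as func.isra.0 / func.constprop.0.
            if m["func"].split(".")[0] == func:
                current = dict(m.groupdict(), comm=None, release=None)
                hits.append(current)
            else:
                current = None
            continue
        if current is None:
            continue
        c = COMM.search(line)
        if c:
            current.update(comm=c["comm"], release=c["release"])
        if "---[ end trace" in line:
            current = None  # report finished; ignore later Comm: lines
    return hits

if __name__ == "__main__":
    for hit in find_overflow_warnings(SAMPLE_LOG):
        print(hit)
```

On a live system the same function can be fed the text of the kernel ring buffer or the persisted kernel journal; the reported release shows which hosts still run an unfixed kernel.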

Remediation

Users should upgrade to the latest stable version of the Linux kernel where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.