Linux Kernel Race Condition Vulnerability in Performance Event Handling

Vulnerability

A race condition has been identified in the Linux kernel's performance event handling. The 'perf_event_overflow' function must run with interrupts disabled so that it cannot conflict with the 'perf_remove_from_context' function. Software events, however, can trigger 'perf_event_overflow' with only preemption disabled. In that window 'perf_event_exit_event' can free resources that 'perf_event_overflow' still relies on, such as the BPF program.
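The ordering problem described above, as an added example that is not kernel code or the upstream fix: a deterministic userspace model of one CPU in which the removal is delivered as an interrupt. All names are hypothetical, and the model assumes the removal reaches the event's CPU as an interrupt, which is why masking interrupts excludes it while disabling preemption does not.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed userspace model of one CPU; hypothetical names, not kernel code. */
struct model_event { bool prog_attached; };  /* stands in for the BPF program */

struct model_cpu {
    bool irqs_disabled;     /* local interrupts masked */
    bool preempt_disabled;  /* blocks rescheduling only, not interrupts */
    bool removal_pending;   /* removal request queued for this CPU */
    struct model_event *ev;
};

/* Removal side: detaches and frees the state the overflow path uses. */
static void model_remove(struct model_cpu *cpu) {
    cpu->ev->prog_attached = false;
    cpu->removal_pending = false;
}

/* Interrupt delivery point: taken only while interrupts are unmasked. */
static void model_irq_window(struct model_cpu *cpu) {
    if (cpu->removal_pending && !cpu->irqs_disabled)
        model_remove(cpu);
}

/* Overflow side: checks the program, then uses it.
 * Returns true when the use happens after the program was freed. */
static bool model_overflow(struct model_cpu *cpu) {
    if (!cpu->ev->prog_attached)
        return false;               /* nothing attached, nothing to run */
    model_irq_window(cpu);          /* removal can land between check and use */
    return !cpu->ev->prog_attached; /* true means a stale use */
}

/* Run the overflow path with preemption disabled and a removal pending. */
bool stale_use(bool irqs_disabled) {
    struct model_event ev = { true };
    struct model_cpu cpu = { irqs_disabled, true, true, &ev };
    return model_overflow(&cpu);
}

int main(void) {
    printf("preemption disabled only: stale use = %d\n", stale_use(false));
    printf("interrupts disabled:      stale use = %d\n", stale_use(true));
    return 0;
}
```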

Impact

Exploitation of this vulnerability can lead to a race condition that disrupts the normal handling of performance events, potentially causing inconsistencies or errors in event processing.

Reproduction

The vulnerability can be reproduced by creating a performance event that is configured to generate overflow conditions, such as a software event whose overflow handling runs with only preemption disabled. This can be done by setting up a BPF program that interacts with performance events and allowing 'perf_event_exit_event' to remove the event while it is being processed, which creates the race condition.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Mar 20, 2026, 9:21 AM
Updated: Mar 20, 2026, 9:21 AM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 7.5
exploitability: 3.9
remediation: 7.7
relevance: 4.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.