Vulnetix
Try Vulnetix Request Demo
CVE-2019-3901 PUBLISHED

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls. This issue affects kernel versions before 4.8.

EPSS 0.07% · 20.9th percentile

Risk Scores

EPSS Score
0.07%
20.9th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSlinux-raspi-realtime0, 6.8.0-2019.20
Ubuntu:Pro:14.04:LTSlinux3.13.0-17.37, 3.13.0-18.38, 3.13.0-19.39
Ubuntu:14.04:LTSlinux-lts-xenial4.4.0-24.43~14.04.1, 4.4.0-22.40~14.04.1, 4.4.0-13.29~14.04.1
Ubuntu:24.04:LTSlinux-hwe-6.116.11.0-28.28~24.04.1, 6.11.0-29.29~24.04.1, 6.11.0-17.17~24.04.2
Ubuntu:22.04:LTSlinux-riscv5.15.0-1019.22, 5.15.0-1018.21, 5.15.0-1017.19
Ubuntu:20.04:LTSlinux-raspi20, 5.3.0-1007.8, 5.3.0-1014.16
Ubuntu:16.04:LTSlinux4.4.0-12.28, 4.4.0-13.29, 4.4.0-14.30
Ubuntu:16.04:LTSlinux-raspi24.4.0-1010.13, 4.4.0-1009.10, 4.4.0-1004.5
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75
Ubuntu:24.04:LTSlinux-gcp-6.116.11.0-1011.11~24.04.1, 6.11.0-1006.6~24.04.2, 0
Ubuntu:16.04:LTSlinux-snapdragon4.4.0-1015.18, 4.4.0-1013.14, 4.4.0-1012.12
Ubuntu:24.04:LTSlinux-azure-6.116.11.0-1018.18~24.04.1, 6.11.0-1017.17~24.04.1, 6.11.0-1015.15~24.04.1
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:Pro:20.04:LTSlinux-azure-fde-5.155.15.0-1054.62~20.04.1.1, 0, 5.15.0-1019.24~20.04.1.1
Ubuntu:24.04:LTSlinux-lowlatency-hwe-6.116.11.0-1014.15~24.04.1, 6.11.0-1013.14~24.04.1, 6.11.0-1012.13~24.04.1
Ubuntu:20.04:LTSlinux-gkeop-5.155.15.0-1052.59~20.04.1, 0, 5.15.0-1003.5~20.04.2
Ubuntu:20.04:LTSlinux-gkeop5.4.0-1077.81, 5.4.0-1078.82, 5.4.0-1079.83
Ubuntu:20.04:LTSlinux-riscv5.4.0-26.30, 5.4.0-27.31, 5.4.0-28.32
Ubuntu:20.04:LTSlinux-gke5.4.0-1076.82, 5.4.0-1074.79, 5.4.0-1072.77
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1086.91+cvm1.1, 5.4.0-1085.90+cvm2.1, 5.4.0-1085.90+cvm1.1

Timeline

References

Open in Interactive Console →