|Created||Wed May 25 19:31:41 2022|
A use-after-free flaw was found in the Linux kernel’s performance events functionality. A user triggers a race condition in setting up performance...
By default, for linux-hardened, an unprivileged user can't trigger an attack. To prevent the possibility of an unprivileged users' attack, set kernel.perf_event_paranoid to the value 3. To confirm the current state, inspect the sysctl with the command: cat /proc/sys/kernel/perf_event_paranoid The setting >=3 would mean that unprivileged users can not use performance events, mitigating the flaw.