{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T23:30:43.050","vulnerabilities":[{"cve":{"id":"CVE-2023-54303","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-12-30T13:16:19.437","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable preemption in bpf_perf_event_output\n\nThe nesting protection in bpf_perf_event_output relies on disabled\npreemption, which is guaranteed for kprobes and tracepoints.\n\nHowever bpf_perf_event_output can be also called from uprobes context\nthrough bpf_prog_run_array_sleepable function which disables migration,\nbut keeps preemption enabled.\n\nThis can cause task to be preempted by another one inside the nesting\nprotection and lead eventually to two tasks using same perf_sample_data\nbuffer and cause crashes like:\n\n  kernel tried to execute NX-protected page - exploit attempt? (uid: 0)\n  BUG: unable to handle page fault for address: ffffffff82be3eea\n  ...\n  Call Trace:\n   ? __die+0x1f/0x70\n   ? page_fault_oops+0x176/0x4d0\n   ? exc_page_fault+0x132/0x230\n   ? asm_exc_page_fault+0x22/0x30\n   ? perf_output_sample+0x12b/0x910\n   ? perf_event_output+0xd0/0x1d0\n   ? bpf_perf_event_output+0x162/0x1d0\n   ? bpf_prog_c6271286d9a4c938_krava1+0x76/0x87\n   ? __uprobe_perf_func+0x12b/0x540\n   ? uprobe_dispatcher+0x2c4/0x430\n   ? uprobe_notify_resume+0x2da/0xce0\n   ? atomic_notifier_call_chain+0x7b/0x110\n   ? exit_to_user_mode_prepare+0x13e/0x290\n   ? irqentry_exit_to_user_mode+0x5/0x30\n   ? asm_exc_int3+0x35/0x40\n\nFixing this by disabling preemption in bpf_perf_event_output."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nbpf: Deshabilitar la preferencia en bpf_perf_event_output\n\nLa protección de anidamiento en bpf_perf_event_output se basa en la preferencia deshabilitada, lo cual está garantizado para kprobes y tracepoints.\n\nSin embargo, bpf_perf_event_output también puede ser llamado desde el contexto de uprobes a través de la función bpf_prog_run_array_sleepable que deshabilita la migración, pero mantiene la preferencia habilitada.\n\nEsto puede causar que una tarea sea preferida por otra dentro de la protección de anidamiento y eventualmente llevar a que dos tareas usen el mismo búfer perf_sample_data y causen fallos como:\n\n  el kernel intentó ejecutar una página protegida por NX - ¿intento de exploit? (uid: 0)\n  BUG: no se puede manejar el fallo de página para la dirección: ffffffff82be3eea\n  ...\n  Rastro de Llamada:\n   ? __die+0x1f/0x70\n   ? page_fault_oops+0x176/0x4d0\n   ? exc_page_fault+0x132/0x230\n   ? asm_exc_page_fault+0x22/0x30\n   ? perf_output_sample+0x12b/0x910\n   ? perf_event_output+0xd0/0x1d0\n   ? bpf_perf_event_output+0x162/0x1d0\n   ? bpf_prog_c6271286d9a4c938_krava1+0x76/0x87\n   ? __uprobe_perf_func+0x12b/0x540\n   ? uprobe_dispatcher+0x2c4/0x430\n   ? uprobe_notify_resume+0x2da/0xce0\n   ? atomic_notifier_call_chain+0x7b/0x110\n   ? exit_to_user_mode_prepare+0x13e/0x290\n   ? irqentry_exit_to_user_mode+0x5/0x30\n   ? asm_exc_int3+0x35/0x40\n\nEsto se soluciona deshabilitando la preferencia en bpf_perf_event_output."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/3654ed5daf492463c3faa434c7000d45c2da2ace","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a0ac32cf61e5a76e2429e486925a52ee41dd75e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/f2c67a3e60d1071b65848efaa8c3b66c363dd025","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}