CVE-2024-57941 The advisory has been revoked - it doesn't affect any version of package libperf (opens in a new tab)
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-ALMALINUX10-LIBPERF-14116197
- published26 Nov 2025
- disclosed11 Nov 2025
Introduced: 11 Nov 2025
CVE-2024-57941 (opens in a new tab)Amendment
The AlmaLinux security team deemed this advisory irrelevant for AlmaLinux:10.
NVD Description
Note: Versions mentioned in the description apply only to the upstream libperf package and not the libperf package as distributed by AlmaLinux.
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled
When the caching for a cookie is temporarily disabled (e.g. due to a DIO write on that file), future copying to the cache for that file is disabled until all fds open on that file are closed. However, if netfslib is using the deprecated PG_private_2 method (such as is currently used by ceph), and decides it wants to copy to the cache, netfs_advance_write() will just bail at the first check seeing that the cache stream is unavailable, and indicate that it dealt with all the content.
This means that we have no subrequests to provide notifications to drive the state machine or even to pin the request and the request just gets discarded, leaving the folios with PG_private_2 set.
Fix this by jumping directly to cancel the request if the cache is not available. That way, we don't remove mark3 from the folio_queue list and netfs_pgpriv2_cancel() will clean up the folios.
This was found by running the generic/013 xfstest against ceph with an active cache and the "-o fsc" option passed to ceph. That would usually hang
References
- https://errata.almalinux.org/10/ALSA-2025-20095.html
- https://access.redhat.com/security/cve/CVE-2024-57941
- https://access.redhat.com/errata/RHSA-2025:20095
- https://git.kernel.org/stable/c/ba37bdfe59fb43e80dd79290340a21864ba4b61e
- https://git.kernel.org/stable/c/d0327c824338cdccad058723a31d038ecd553409