CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2013-2094

Known Exploited (CISA KEV)HIGH
8.4
CVSS Severity Score
EPSS Score60.3810%
EPSS Percentile94.11th
Published2013年5月14日
Last Modified2026年4月22日

Vulnerability Description

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

Affected Platforms (CPE)

💻
Linux

Linux Kernel

< 3.0.75
💻
Linux

Linux Kernel

>= 3.1 and < 3.2.45
💻
Linux

Linux Kernel

>= 3.3 and < 3.4.42
💻
Linux

Linux Kernel

>= 3.5 and < 3.8.9

References & Advisories

🔗 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f
🔗 http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html
🔗 http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html

相關漏洞威脅

CVE-2000-074710.0

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and k...

CVE-2002-157210.0

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown imp...

CVE-2000-050610.0

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting th...

CVE-2002-157310.0

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and...