Aaron Russo

CVE-2013-2094 NOMISEC HIGH WORKING POC

Linux Kernel < 3.0.75 - Local Privilege Escalation via perf_event_open System Call

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

CVSS 8.4

View Code