Steven Rostedt - Security Researcher - Exploit Intelligence Platform

CVE-2013-2930 WRITEUP WRITEUP

Linux kernel <3.12.2 - Local Info Disclosure

The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.

View Code

CVE-2016-9754 WRITEUP HIGH WRITEUP

Linux Kernel < 3.10.102 - Integer Overflow

The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

CVSS 7.8

View Code

CVE-2019-19072 WRITEUP MEDIUM WRITEUP

Linux kernel <5.3.11 - DoS

A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.

CVSS 4.4

View Code