CVE-2009-3234

Linux Kernel - Memory Corruption

Title source: rule

Description

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Xiao Guangrong · textdoslinux

https://www.exploit-db.com/exploits/33228

View Code ZIP pw:eip

References (4)

[Exploit] http://article.gmane.org/gmane.linux.kernel/890654

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/36423

[Mailing List] http://www.openwall.com/lists/oss-security/2009/09/16/1

[Mailing List] http://www.openwall.com/lists/oss-security/2009/09/17/13

Scores

EPSS 0.0086

EPSS Percentile 74.7%

Classification

CWE

CWE-119

Status draft

Affected Products (1)

linux/linux_kernel

Timeline

Published Sep 17, 2009

Tracked Since Feb 18, 2026