CVE-2009-3234

Linux Kernel 2.6.31-rc1 - Buffer Overflow via perf_counter_open System Call

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3234. PoCs published by Xiao Guangrong.

AI-analyzed exploit summary This is a writeup describing a local buffer overflow vulnerability in the Linux kernel versions 2.6.31-rc1 through 2.6.31. The vulnerability allows local attackers to execute arbitrary code with elevated privileges or cause a denial of service.

Description

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Xiao Guangrong · textdoslinux
https://www.exploit-db.com/exploits/33228

This is a writeup describing a local buffer overflow vulnerability in the Linux kernel versions 2.6.31-rc1 through 2.6.31. The vulnerability allows local attackers to execute arbitrary code with elevated privileges or cause a denial of service.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: Linux Kernel 2.6.31-rc1 through 2.6.31
Auth required
Prerequisites: Local access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/36423
Exploit mailing-list x_refsource_mlist
http://article.gmane.org/gmane.linux.kernel/890654
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/09/17/13
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/09/16/1

Scores

EPSS 0.0086
EPSS Percentile 75.2%

Details

CWE
CWE-119
Status published
Products (1)
linux/linux_kernel 2.6.31 rc1
Published Sep 17, 2009
Tracked Since Feb 18, 2026