CVE-2013-4254

Linux Kernel < 3.10.8 - Privilege Escalation via ARM Perf Event Validation

Title source: llm
STIX 2.1

Description

The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event.

References (14)

Core 14
Core References
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1970-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/54494
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1975-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1971-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1968-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1969-1
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=998878
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1973-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1974-1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/08/16/6
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1972-1

Scores

EPSS 0.0043
EPSS Percentile 34.2%

Details

CWE
CWE-20
Status published
Products (8)
linux/linux_kernel 3.10.0
linux/linux_kernel 3.10.1
linux/linux_kernel 3.10.2
linux/linux_kernel 3.10.3
linux/linux_kernel 3.10.4
linux/linux_kernel 3.10.5
linux/linux_kernel 3.10.6
linux/linux_kernel < 3.10.7
Published Aug 25, 2013
Tracked Since Feb 18, 2026