[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-2930Date: (C)2013-12-10   (M)2024-04-19


The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 3.6
Exploit Score: 3.9
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
  
Reference:
RHSA-2014:0100
USN-2068-1
USN-2070-1
USN-2071-1
USN-2072-1
USN-2074-1
USN-2075-1
USN-2076-1
USN-2112-1
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12ae030d54ef250706da5642fc7697cc60ad0df7
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
https://github.com/torvalds/linux/commit/12ae030d54ef250706da5642fc7697cc60ad0df7

CPE    274
cpe:/o:linux:linux_kernel:3.0.40
cpe:/o:linux:linux_kernel:3.1.10
cpe:/o:linux:linux_kernel:3.0.42
cpe:/o:linux:linux_kernel:3.0.41
...
CWE    1
CWE-264
OVAL    10
oval:org.secpod.oval:def:701530
oval:org.secpod.oval:def:1500682
oval:org.secpod.oval:def:701533
oval:org.secpod.oval:def:701531
...

© SecPod Technologies