CVE-2013-2094: Linux Kernel Privilege Escalation Vulnerability. Linux

Linux Kernel Privilege Escalation Vulnerability. Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.

• CISA KEV-listed (remediation due 2022-10-06)
• EPSS 65.9% (98.5% percentile)

Browse the CVE database

Read the full analysis on IntelFusions