Skip to main content
CVE-2013-2094 HIGH POC KEV PATCH THREAT Act Now

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Information Disclosure Linux
NVD Exploit-DB GitHub VulDB
CVSS 3.1
8.4
EPSS
65.9%
Threat
6.7

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy