CVSS2 score: 7.2 (High)
Metric | Value
---|---
Access Vector | LOCAL
Access Complexity | LOW
Authentication | NONE
Confidentiality Impact | COMPLETE
Integrity Impact | COMPLETE
Availability Impact | COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS score: 0.002 (Low); EPSS percentile: 54.5%
The Linux kernel’s Performance Events implementation is susceptible to an out-of-bounds array vulnerability that may be used by a local unprivileged user to escalate privileges. Additional analysis of the vulnerability may be found in the Red Hat bug report. A public exploit is available that has been reported to work against some Linux distributions.
A local authenticated user may be able to exploit this vulnerability to escalate privileges.
Apply an Update
Red Hat, Debian, CentOS, and Ubuntu have all released patches. Users should receive the patches through their Linux distributions’ normal update process.
Affected Distributions
* Red Hat Enterprise Linux 6 & Red Hat Enterprise MRG 2
* CentOS 6
* Debian 7.0 (Wheezy)
* Ubuntu 12.04 LTS, 12.10, 13.04
If you are unable to upgrade, please consider the following workaround.
Red Hat has provided mitigation advice in Red Hat Knowledge Solution 373743.
VU#774103
Vendor Information (vendor names missing; all entries updated May 17, 2013)
Status | Entries | Vendor statement
---|---|---
Affected | 4 | We have not received a statement from the vendor. We are not aware of further vendor information regarding this vulnerability.
Unknown | 3 | We have not received a statement from the vendor. We are not aware of further vendor information regarding this vulnerability.
Group | Score | Vector |
---|---|---|
Base | 6.8 | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Temporal | 5.9 | E:ND/RL:OF/RC:C |
Environmental | 4.4 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
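To check the scores this note reports, here is a CVSS v2 calculator added as an example (it is not part of the CERT note); it uses the standard v2 specification weights and shows that the 7.2 at the top of the note and the 6.8 in the table above differ only in the Authentication metric (Au:N versus Au:S).

```python
import math
# CVSS v2.0 metric weights from the v2 specification.
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}            # shared by C, I, A
REQ = {"L": 0.5, "M": 1.0, "H": 1.51, "ND": 1.0}    # shared by CR, IR, AR
W = {"AV": {"L": 0.395, "A": 0.646, "N": 1.0}, "AC": {"H": 0.35, "M": 0.61, "L": 0.71},
     "Au": {"M": 0.45, "S": 0.56, "N": 0.704}, "C": CIA, "I": CIA, "A": CIA,
     "E": {"U": 0.85, "POC": 0.9, "F": 0.95, "H": 1.0, "ND": 1.0},
     "RL": {"OF": 0.87, "TF": 0.9, "W": 0.95, "U": 1.0, "ND": 1.0},
     "RC": {"UC": 0.9, "UR": 0.95, "C": 1.0, "ND": 1.0},
     "CDP": {"N": 0.0, "L": 0.1, "LM": 0.3, "MH": 0.4, "H": 0.5, "ND": 0.0},
     "TD": {"N": 0.0, "L": 0.25, "M": 0.75, "H": 1.0, "ND": 1.0},
     "CR": REQ, "IR": REQ, "AR": REQ}

def round1(x):
    """The spec's round_to_1_decimal (half-up); avoids Python's banker's rounding."""
    return math.floor(x * 10 + 0.5) / 10

def parse_vector(*vectors):
    """Merge base/temporal/environmental vector strings into one metric dict."""
    return dict(part.split(":") for vec in vectors for part in vec.split("/"))

def impact(m, adjusted=False):
    """Impact sub-score; AdjustedImpact (environmental) applies CR/IR/AR and caps at 10."""
    reqs = [W[r][m.get(r, "ND")] if adjusted else 1.0 for r in ("CR", "IR", "AR")]
    c, i, a = (W[k][m[k]] * w for k, w in zip(("C", "I", "A"), reqs))
    raw = 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))
    return min(10.0, raw) if adjusted else raw  # base Impact is deliberately uncapped

def base_from_impact(m, imp):
    exploitability = 20 * W["AV"][m["AV"]] * W["AC"][m["AC"]] * W["Au"][m["Au"]]
    f_impact = 0 if imp == 0 else 1.176
    return round1((0.6 * imp + 0.4 * exploitability - 1.5) * f_impact)

def base_score(m):
    return base_from_impact(m, impact(m))

def temporal_score(m, base=None):
    base = base_score(m) if base is None else base
    t = W["E"][m.get("E", "ND")] * W["RL"][m.get("RL", "ND")] * W["RC"][m.get("RC", "ND")]
    return round1(base * t)

def environmental_score(m):
    adj_temporal = temporal_score(m, base_from_impact(m, impact(m, adjusted=True)))
    cdp, td = W["CDP"][m.get("CDP", "ND")], W["TD"][m.get("TD", "ND")]
    return round1((adj_temporal + (10 - adj_temporal) * cdp) * td)

# The two vectors on this note differ only in Au (N vs S): 7.2 vs 6.8.
nvd = parse_vector("AV:L/AC:L/Au:N/C:C/I:C/A:C")
cert = parse_vector("AV:L/AC:L/Au:S/C:C/I:C/A:C", "E:ND/RL:OF/RC:C", "CDP:ND/TD:M/CR:ND/IR:ND/AR:ND")
print(base_score(nvd), base_score(cert), temporal_score(cert), environmental_score(cert))
```

The base Impact sub-score is left uncapped on purpose: capping it at 10, as the environmental AdjustedImpact is, would turn the 7.2 into 7.1.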
Tommi Rantala discovered this vulnerability.
This document was written by Jared Allar.
CVE IDs: | CVE-2013-2094
---|---
Date Public: | 2013-05-14
Date First Published: |
References
* git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b0a873ebbf87bf38bf70b5e39a7cadc96099fa13
* git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/kernel/events/core.c?id=8176cced706b5e5d15887584150764894e94e02f
* lists.centos.org/pipermail/centos-announce/2013-May/019729.html
* lists.centos.org/pipermail/centos-announce/2013-May/019733.html
* lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html
* packetstormsecurity.com/files/121616/semtex.c
* www.debian.org/security/2013/dsa-2669
* www.reddit.com/r/netsec/comments/1eb9iw/sdfucksheeporgs_semtexc_local_linux_root_exploit/c9ykrck
* www.ubuntu.com/usn/usn-1825-1/
* www.ubuntu.com/usn/usn-1826-1/
* www.ubuntu.com/usn/usn-1827-1/
* www.ubuntu.com/usn/usn-1828-1/
* bugzilla.redhat.com/show_bug.cgi?id=962792
* bugzilla.redhat.com/show_bug.cgi?id=962792#c16
* bugzilla.redhat.com/show_bug.cgi?id=962799
* rhn.redhat.com/errata/RHSA-2013-0830.html