Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24897
HistoryApr 10, 2020 - 1:08 a.m.

Privilege Escalation

2020-04-1001:08:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

EPSS

0

Percentile

5.1%

kernel is vulnerable to privilege escalation. The vulnerability exists as it was found that the perf tool, a part of the Linux kernel’s Performance Events implementation, could load its configuration file from the current working directory. If a local user with access to the perf tool were tricked into running perf in a directory that contains a specially-crafted configuration file, it could cause perf to overwrite arbitrary files and directories accessible to that user.