Integer Data Type Vulnerability in perf_swevent_init Function

Integer Data Type Vulnerability in perf_swevent_init Function

CVE-2013-2094 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.