VDB
CVE-2014-3813
CVE-2014-3813
PUBLISHED
CVSS 8.399999618530273 HIGH
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
EPSS 0.49% · 66.0th percentile
Risk Scores
CVSS 3.1
8.399999618530273
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.49%
66.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Exploit Intelligence
- CVE-2013-2596 exploit for android (github-poc)
- CVE-2013-2596 exploit for android (github-poc)
- CVE-2013-2596 exploit for android (github-poc)
- CVE-2013-2596 exploit for android (github-poc)
- letsr00t/CVE-2013-2094 (github-poc)
- letsr00t/CVE-2013-2094 (github-poc)
- letsr00t/CVE-2013-2094 (github-poc)
- letsr00t/CVE-2013-2094 (github-poc)
- perf_swevent_init (github-poc)
- perf_swevent_init (github-poc)
…and 64 more exploits
Timeline
- Jun 11, 2013 PoC Published
- May 31, 2014 PoC Published
- Jun 13, 2014 CVE Published
- Dec 3, 2017 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10631 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10630 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10628 advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10632 advisory
- openSUSE-SU-2013:0847 vendor-advisory
- MDVSA-2013:176 vendor-advisory
- [linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing mailing-list
- [linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing mailing-list
- [CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update mailing-list
- USN-1826-1 vendor-advisory
- [linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing mailing-list
- USN-1838-1 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=962792 url
- https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f url
- http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9 url
- USN-1828-1 vendor-advisory
- [CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue mailing-list
- USN-1827-1 vendor-advisory
- USN-1836-1 vendor-advisory
- 93361 vdb
…and 14 more