{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2013-04-12T00:00:00.000Z","descriptions":[{"lang":"en","value":"The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-01-04T17:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"openSUSE-SU-2013:0847","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"},{"name":"MDVSA-2013:176","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"},{"name":"[linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html"},{"name":"[linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html"},{"name":"[CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html"},{"name":"USN-1826-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1826-1"},{"name":"[linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html"},{"name":"USN-1838-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1838-1"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=962792"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"},{"name":"USN-1828-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1828-1"},{"name":"[CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html"},{"name":"USN-1827-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1827-1"},{"name":"USN-1836-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1836-1"},{"name":"93361","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/93361"},{"name":"33589","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"http://www.exploit-db.com/exploits/33589"},{"name":"RHSA-2013:0830","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0830.html"},{"tags":["x_refsource_MISC"],"url":"http://news.ycombinator.com/item?id=5703758"},{"name":"[oss-security] 20130514 Re: CVE Request: linux kernel perf out-of-bounds access","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2013/05/14/6"},{"tags":["x_refsource_CONFIRM"],"url":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f"},{"name":"SUSE-SU-2013:0819","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html"},{"tags":["x_refsource_MISC"],"url":"http://packetstormsecurity.com/files/121616/semtex.c"},{"name":"openSUSE-SU-2013:0925","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"},{"tags":["x_refsource_MISC"],"url":"http://twitter.com/djrbliss/statuses/334301992648331267"},{"tags":["x_refsource_MISC"],"url":"http://www.reddit.com/r/netsec/comments/1eb9iw"},{"name":"openSUSE-SU-2013:1042","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"},{"name":"USN-1825-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/USN-1825-1"},{"name":"openSUSE-SU-2013:0951","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T15:27:41.124Z"},"title":"CVE Program Container","references":[{"name":"openSUSE-SU-2013:0847","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"},{"name":"MDVSA-2013:176","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"},{"name":"[linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html"},{"name":"[linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html"},{"name":"[CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html"},{"name":"USN-1826-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1826-1"},{"name":"[linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html"},{"name":"USN-1838-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1838-1"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=962792"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"},{"name":"USN-1828-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1828-1"},{"name":"[CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html"},{"name":"USN-1827-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1827-1"},{"name":"USN-1836-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1836-1"},{"name":"93361","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/93361"},{"name":"33589","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"http://www.exploit-db.com/exploits/33589"},{"name":"RHSA-2013:0830","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2013-0830.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://news.ycombinator.com/item?id=5703758"},{"name":"[oss-security] 20130514 Re: CVE Request: linux kernel perf out-of-bounds access","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2013/05/14/6"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f"},{"name":"SUSE-SU-2013:0819","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://packetstormsecurity.com/files/121616/semtex.c"},{"name":"openSUSE-SU-2013:0925","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://twitter.com/djrbliss/statuses/334301992648331267"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.reddit.com/r/netsec/comments/1eb9iw"},{"name":"openSUSE-SU-2013:1042","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html"},{"name":"USN-1825-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/USN-1825-1"},{"name":"openSUSE-SU-2013:0951","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html"}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8.4,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2013-2094","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-05-01T03:55:11.896804Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2022-09-15","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2094"}}}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2094","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","description":"CWE-noinfo Not enough information"}]}],"timeline":[{"time":"2022-09-15T00:00:00.000Z","lang":"en","value":"CVE-2013-2094 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-22T00:05:42.816Z"}}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2013-2094","datePublished":"2013-05-14T20:00:00.000Z","dateReserved":"2013-02-19T00:00:00.000Z","dateUpdated":"2025-10-22T00:05:42.816Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}