ID CVE-2013-2094
Summary The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
References
Vulnerable Configurations
  • Linux Kernel 3.8.8
    cpe:2.3:o:linux:linux_kernel:3.8.8
  • Linux Kernel 3.8.4
    cpe:2.3:o:linux:linux_kernel:3.8.4
  • Linux Kernel 3.8.1
    cpe:2.3:o:linux:linux_kernel:3.8.1
  • Linux Kernel 3.8.0
    cpe:2.3:o:linux:linux_kernel:3.8.0
  • Linux Kernel 3.8.2
    cpe:2.3:o:linux:linux_kernel:3.8.2
  • Linux Kernel 3.8.5
    cpe:2.3:o:linux:linux_kernel:3.8.5
  • Linux Kernel 3.8.7
    cpe:2.3:o:linux:linux_kernel:3.8.7
  • Linux Kernel 3.8.3
    cpe:2.3:o:linux:linux_kernel:3.8.3
  • Linux Kernel 3.8.6
    cpe:2.3:o:linux:linux_kernel:3.8.6
CVSS
Base: 7.2 (as of 14-05-2013 - 19:31)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit. CVE-2013-2094. Local exploit for linux platform
    file exploits/linux_x86-64/local/33589.c
    id EDB-ID:33589
    last seen 2016-02-03
    modified 2014-05-31
    platform linux_x86-64
    port
    published 2014-05-31
    reporter Vitaly Nikolenko
    source https://www.exploit-db.com/download/33589/
    title Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
    type local
  • description Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit. CVE-2013-2094. Local exploit for linux platform
    id EDB-ID:26131
    last seen 2016-02-03
    modified 2013-06-11
    published 2013-06-11
    reporter Andrea Bittau
    source https://www.exploit-db.com/download/26131/
    title Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
  • description Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit. CVE-2013-2094. Local exploit for linux platform
    id EDB-ID:25444
    last seen 2016-02-03
    modified 2013-05-14
    published 2013-05-14
    reporter sd
    source https://www.exploit-db.com/download/25444/
    title Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1825-1.NASL
    description An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66468
    published 2013-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66468
    title Ubuntu 12.04 LTS : linux vulnerability (USN-1825-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-176.NASL
    description Multiple vulnerabilities has been found and corrected in the Linux kernel : The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application. (CVE-2013-1979) The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3232) net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3235) The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3234) The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3233) The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3231) The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3229) The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3228) The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3227) The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3225) The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3224) The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3223) The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. (CVE-2013-3222) Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. (CVE-2013-2596) arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit. (CVE-2013-2146) The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. (CVE-2013-2094) The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application. (CVE-2013-1798) Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation. (CVE-2013-1797) The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application. (CVE-2013-1796) The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. (CVE-2013-2141) Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. (CVE-2013-1929) The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2669. (CVE-2012-5532) The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. (CVE-2012-6548) The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. (CVE-2012-6549) net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2013-2634) The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2013-2635) fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application. (CVE-2013-1848) The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. (CVE-2013-0914) Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device. (CVE-2013-1860) Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads. (CVE-2013-1792) The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2546) The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2547) The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. (CVE-2013-2548) The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging KVM guest OS privileges. (CVE-2013-0311) Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message. (CVE-2013-1763) The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSG_PEEK flag with zero-length data, which allows local users to cause a denial of service (infinite loop and system hang) via a crafted application. (CVE-2013-0290) Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. (CVE-2013-1767) The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application. (CVE-2013-0228) Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (memory consumption) by triggering certain error conditions. (CVE-2013-0217) The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. (CVE-2013-0216) The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. (CVE-2012-6547) The updated packages provides a solution for these security issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 66975
    published 2013-06-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66975
    title Mandriva Linux Security Advisory : kernel (MDVSA-2013:176)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0829.NASL
    description Updated kernel-rt packages that fix several security issues and multiple bugs are now available for Red Hat Enterprise MRG 2.3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Security fixes : * It was found that the kernel-rt update RHBA-2012:0044 introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit for CVE-2013-2094 that affects Red Hat Enterprise MRG 2 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. * An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. (CVE-2013-0913, Important) * It was found that the Linux kernel used effective user and group IDs instead of real ones when passing messages with SCM_CREDENTIALS ancillary data. A local, unprivileged user could leverage this flaw with a set user ID (setuid) application, allowing them to escalate their privileges. (CVE-2013-1979, Important) * A race condition in install_user_keyrings(), leading to a NULL pointer dereference, was found in the key management facility. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-1792, Moderate) * A NULL pointer dereference flaw was found in the Linux kernel's XFS file system implementation. A local user who is able to mount an XFS file system could use this flaw to cause a denial of service. (CVE-2013-1819, Moderate) * An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2013-0914, Low) * A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low) * A NULL pointer dereference flaw was found in the Linux kernel's USB Inside Out Edgeport Serial Driver implementation. A local user with physical access to a system and with access to a USB device's tty file could use this flaw to cause a denial of service. (CVE-2013-1774, Low) * A format string flaw was found in the ext3_msg() function in the Linux kernel's ext3 file system implementation. A local user who is able to mount an ext3 file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1848, Low) * A heap-based buffer overflow flaw was found in the Linux kernel's cdc-wdm driver, used for USB CDC WCM device management. An attacker with physical access to a system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1860, Low) * A heap-based buffer overflow in the way the tg3 Ethernet driver parsed the vital product data (VPD) of devices could allow an attacker with physical access to a system to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1929, Low) * Information leaks in the Linux kernel's cryptographic API could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2013-2546, CVE-2013-2547, CVE-2013-2548, Low) * Information leaks in the Linux kernel could allow a local, unprivileged user to leak kernel stack memory to user-space. (CVE-2013-2634, CVE-2013-2635, CVE-2013-3076, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225, CVE-2013-3231, Low) Red Hat would like to thank Andy Lutomirski for reporting CVE-2013-1979. CVE-2013-1792 was discovered by Mateusz Guzik of Red Hat EMEA GSS SEG Team.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 76660
    published 2014-07-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76660
    title RHEL 6 : MRG (RHSA-2013:0829)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1827-1.NASL
    description An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66470
    published 2013-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66470
    title Ubuntu 13.04 : linux vulnerability (USN-1827-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-190.NASL
    description A flaw was found in the way index into perf_swevent_enabled array was sanitized. A local, unprivileged user could leverage this flaw to gain elevated privileges on the system.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 73126
    published 2014-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=73126
    title Amazon Linux AMI : kernel Privilege Escalation (ALAS-2013-190)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0841.NASL
    description Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.1 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66525
    published 2013-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66525
    title RHEL 6 : kernel (RHSA-2013:0841)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20130516_KERNEL_ON_SL6_X.NASL
    description This update fixes the following security issue : - It was found that the Scientific Linux 6.1 kernel update (SLSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Scientific Linux 6 is available. Refer to Red Hat Knowledge Solution 373743 for further information and mitigation instructions for users who are unable to immediately apply this update. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 66490
    published 2013-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66490
    title Scientific Linux Security Update : kernel on SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0830.NASL
    description Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66488
    published 2013-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66488
    title RHEL 6 : kernel (RHSA-2013:0830)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL14445.NASL
    description The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type. (CVE-2013-2094)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 78150
    published 2014-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78150
    title F5 Networks BIG-IP : Linux kernel vulnerability (K14445)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-0830.NASL
    description From Red Hat Security Advisory 2013:0830 : Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68823
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68823
    title Oracle Linux 6 : kernel (ELSA-2013-0830)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1826-1.NASL
    description An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66469
    published 2013-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66469
    title Ubuntu 12.10 : linux vulnerability (USN-1826-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-2525.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 68855
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68855
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2525)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-512.NASL
    description The openSUSE 12.2 kernel was updated to fix security issue and other bugs. Security issues fixed: CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi target running on the machine and the attacker able to make a network connection to it (aka not filtered by firewalls). CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application. Bugs fixed : - reiserfs: fix spurious multiple-fill in reiserfs_readdir_dentry (bnc#822722). - reiserfs: fix problems with chowning setuid file w/ xattrs (bnc#790920). - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can't even be modularized. - CONFIG_UCB1400_CORE=n - CONFIG_TOUCHSCREEN_UCB1400=n - CONFIG_GPIO_UCB1400=n - mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327). - unix/stream: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: peek beyond 0-sized skbs (bnc#803931 CVE-2013-0290).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75048
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75048
    title openSUSE Security Update : kernel (openSUSE-SU-2013:1042-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-2524.NASL
    description Description of changes: [2.6.39-400.24.1.el6uek] - perf: Treat attr.config as u64 in perf_swevent_init() (Tommi Rantala) [Orabug: 16808734] {CVE-2013-2094}
    last seen 2019-02-21
    modified 2016-05-20
    plugin id 68854
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68854
    title Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2524)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-0830.NASL
    description Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 66521
    published 2013-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66521
    title CentOS 6 : kernel (CESA-2013:0830)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1828-1.NASL
    description An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66471
    published 2013-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66471
    title Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-1828-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0840.NASL
    description Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 66524
    published 2013-05-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66524
    title RHEL 6 : kernel (RHSA-2013:0840)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-0832.NASL
    description Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue : * It was found that the Red Hat Enterprise Linux 6.1 kernel update (RHSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Red Hat Enterprise Linux 6 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 78957
    published 2014-11-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78957
    title RHEL 6 : kernel (RHSA-2013:0832)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2013-140-01.NASL
    description New Linux kernel packages are available for Slackware 13.37 and 14.0 to fix a security issue.
    last seen 2019-02-21
    modified 2014-02-10
    plugin id 66638
    published 2013-05-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66638
    title Slackware 13.37 / 14.0 : kernel (SSA:2013-140-01)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-1849-1.NASL
    description A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 66716
    published 2013-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66716
    title Ubuntu 12.04 LTS : linux-lts-raring vulnerability (USN-1849-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_KERNEL-130515.NASL
    description This update to the SUSE Linux Enterprise 11 SP2 kernel fixes the following critical security issue : - A bounds checking problem in the perf systemcall could be used by local attackers to crash the kernel or execute code in kernel context. (CVE-2013-2094)
    last seen 2019-02-21
    modified 2014-02-10
    plugin id 66539
    published 2013-05-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66539
    title SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 7723 / 7726 / 7727)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-454.NASL
    description The openSUSE 12.1 kernel was updated to fix a severe secrutiy issue and various bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-1774: The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter. CVE-2013-1928: The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel lacked a certain error check, which might have allowed local users to obtain sensitive information from kernel stack memory via a crafted VIDEO_SET_SPU_PALETTE ioctl call on a /dev/dvb device. CVE-2013-1796: The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel did not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allowed guest OS users to cause a denial of service (buffer overflow and host OS memory corruption) or possibly have unspecified other impact via a crafted application. CVE-2013-1797: Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel allowed guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable or (2) removable memory during an MSR_KVM_SYSTEM_TIME kvm_set_msr_common operation. CVE-2013-1798: The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel did not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allowed guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application. CVE-2013-1767: Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. CVE-2013-0913: Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel allowed local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition. Bugs fixed : - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - TTY: fix atime/mtime regression (bnc#815745). - fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check (bnc#813735). - USB: io_ti: Fix NULL dereference in chase_port() (bnc#806976, CVE-2013-1774). - KVM: Convert MSR_KVM_SYSTEM_TIME to use gfn_to_hva_cache_init (bnc#806980 CVE-2013-1797). - KVM: Fix bounds checking in ioapic indirect register read (bnc#806980 CVE-2013-1798). - KVM: Fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (bnc#806980 CVE-2013-1796). - kabi/severities: Allow kvm module abi changes - modules are self consistent - loopdev: fix a deadlock (bnc#809748). - block: use i_size_write() in bd_set_size() (bnc#809748). - drm/i915: bounds check execbuffer relocation count (bnc#808829,CVE-2013-0913). - tmpfs: fix use-after-free of mempolicy object (bnc#806138, CVE-2013-1767).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75018
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75018
    title openSUSE Security Update : kernel (openSUSE-SU-2013:0847-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-452.NASL
    description The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain privileges via a crafted perf_event_open system call. CVE-2013-0290: The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel did not properly handle the MSG_PEEK flag with zero-length data, which allowed local users to cause a denial of service (infinite loop and system hang) via a crafted application. Bugs fixed : - qlge: fix dma map leak when the last chunk is not allocated (bnc#819519). - ACPI / thermal: do not always return THERMAL_TREND_RAISING for active trip points (bnc#820048). - perf: Treat attr.config as u64 in perf_swevent_init() (bnc#819789, CVE-2013-2094). - cxgb4: fix error recovery when t4_fw_hello returns a positive value (bnc#818497). - kabi/severities: Ignore drivers/mfd/ucb1400_core It provides internal exports to UCB1400 drivers, that we have just disabled. - Fix -devel package for armv7hl armv7hl kernel flavors in the non-multiplatform configuration (which is the default for our openSUSE 12.3 release), needs more header files from the machine specific directories to be included in kernel-devel. - Update config files: disable UCB1400 on all but ARM Currently UCB1400 is only used on ARM OMAP systems, and part of the code is dead code that can't even be modularized. - CONFIG_UCB1400_CORE=n - CONFIG_TOUCHSCREEN_UCB1400=n - CONFIG_GPIO_UCB1400=n - rpm/config.sh: Drop the ARM repository, the KOTD will build against the 'ports' repository of openSUSE:12.3 - mm/mmap: check for RLIMIT_AS before unmapping (bnc#818327). - rpm/kernel-spec-macros: Properly handle KOTD release numbers with .g suffix - rpm/kernel-spec-macros: Drop the %release_num macro We no longer put the -rcX tag into the release string. - xen-pciback: notify hypervisor about devices intended to be assigned to guests. - unix/stream: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: fix peeking with an offset larger than data in queue (bnc#803931 CVE-2013-0290). - unix/dgram: peek beyond 0-sized skbs (bnc#803931 CVE-2013-0290). - net: fix infinite loop in __skb_recv_datagram() (bnc#803931 CVE-2013-0290). - TTY: fix atime/mtime regression (bnc#815745). - md/raid1,raid10: fix deadlock with freeze_array() (813889). - md: raid1,10: Handle REQ_WRITE_SAME flag in write bios (bnc#813889). - KMS: fix EDID detailed timing vsync parsing. - KMS: fix EDID detailed timing frame rate. - Add Netfilter/ebtables support Those modues are needed for proper OpenStack support on ARM, and are also enabled on x86(_64)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75016
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75016
    title openSUSE Security Update : kernel (openSUSE-SU-2013:0951-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-2546.NASL
    description The remote Oracle Linux host is missing a security update for the Unbreakable Enterprise Kernel package(s).
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 69942
    published 2013-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69942
    title Oracle Linux 5 / 6 : Unbreakable Enterprise Kernel (ELSA-2013-2546)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2669.NASL
    description Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-0160 vladz reported a timing leak with the /dev/ptmx character device. A local user could use this to determine sensitive information such as password length. - CVE-2013-1796 Andrew Honig of Google reported an issue in the KVM subsystem. A user in a guest operating system could corrupt kernel memory, resulting in a denial of service. - CVE-2013-1929 Oded Horovitz and Brad Spengler reported an issue in the device driver for Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach untrusted devices can create an overflow condition, resulting in a denial of service or elevated privileges. - CVE-2013-1979 Andy Lutomirski reported an issue in the socket level control message processing subsystem. Local users may be able to gain eleveated privileges. - CVE-2013-2015 Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local users with the ability to mount a specially crafted filesystem can cause a denial of service (infinite loop). - CVE-2013-2094 Tommie Rantala discovered an issue in the perf subsystem. An out-of-bounds access vulnerability allows local users to gain elevated privileges. - CVE-2013-3076 Mathias Krause discovered an issue in the userspace interface for hash algorithms. Local users can gain access to sensitive kernel memory. - CVE-2013-3222 Mathias Krause discovered an issue in the Asynchronous Transfer Mode (ATM) protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3223 Mathias Krause discovered an issue in the Amateur Radio AX.25 protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3224 Mathias Krause discovered an issue in the Bluetooth subsystem. Local users can gain access to sensitive kernel memory. - CVE-2013-3225 Mathias Krause discovered an issue in the Bluetooth RFCOMM protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3227 Mathias Krause discovered an issue in the Communication CPU to Application CPU Interface (CAIF). Local users can gain access to sensitive kernel memory. - CVE-2013-3228 Mathias Krause discovered an issue in the IrDA (infrared) subsystem support. Local users can gain access to sensitive kernel memory. - CVE-2013-3229 Mathias Krause discovered an issue in the IUCV support on s390 systems. Local users can gain access to sensitive kernel memory. - CVE-2013-3231 Mathias Krause discovered an issue in the ANSI/IEEE 802.2 LLC type 2 protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3234 Mathias Krause discovered an issue in the Amateur Radio X.25 PLP (Rose) protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3235 Mathias Krause discovered an issue in the Transparent Inter Process Communication (TIPC) protocol support. Local users can gain access to sensitive kernel memory. - CVE-2013-3301 Namhyung Kim reported an issue in the tracing subsystem. A privileged local user could cause a denial of service (system crash). This vulnerabililty is not applicable to Debian systems by default.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 66486
    published 2013-05-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66486
    title Debian DSA-2669-1 : linux - privilege escalation/denial of service/information leak
packetstorm via4
redhat via4
advisories
bugzilla
id 962792
title CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment kernel is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830005
      • comment kernel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842006
    • AND
      • comment kernel-bootwrapper is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830009
      • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842010
    • AND
      • comment kernel-debug is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830013
      • comment kernel-debug is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842012
    • AND
      • comment kernel-debug-devel is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830019
      • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842014
    • AND
      • comment kernel-devel is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830015
      • comment kernel-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842016
    • AND
      • comment kernel-doc is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830025
      • comment kernel-doc is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842024
    • AND
      • comment kernel-firmware is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830027
      • comment kernel-firmware is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842026
    • AND
      • comment kernel-headers is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830007
      • comment kernel-headers is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842008
    • AND
      • comment kernel-kdump is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830023
      • comment kernel-kdump is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842018
    • AND
      • comment kernel-kdump-devel is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830021
      • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842020
    • AND
      • comment perf is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830017
      • comment perf is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100842022
    • AND
      • comment python-perf is earlier than 0:2.6.32-358.6.2.el6
        oval oval:com.redhat.rhsa:tst:20130830011
      • comment python-perf is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20111530020
rhsa
id RHSA-2013:0830
released 2013-05-16
severity Important
title RHSA-2013:0830: kernel security update (Important)
rpms
  • kernel-0:2.6.32-358.6.2.el6
  • kernel-bootwrapper-0:2.6.32-358.6.2.el6
  • kernel-debug-0:2.6.32-358.6.2.el6
  • kernel-debug-devel-0:2.6.32-358.6.2.el6
  • kernel-devel-0:2.6.32-358.6.2.el6
  • kernel-doc-0:2.6.32-358.6.2.el6
  • kernel-firmware-0:2.6.32-358.6.2.el6
  • kernel-headers-0:2.6.32-358.6.2.el6
  • kernel-kdump-0:2.6.32-358.6.2.el6
  • kernel-kdump-devel-0:2.6.32-358.6.2.el6
  • perf-0:2.6.32-358.6.2.el6
  • python-perf-0:2.6.32-358.6.2.el6
refmap via4
confirm
exploit-db 33589
mandriva MDVSA-2013:176
misc
mlist
  • [CentOS-announce] 20130515 CentOS-6 CVE-2013-2094 Kernel Issue
  • [CentOS-announce] 20130517 CESA-2013:0830 Important CentOS 6 kernel Update
  • [linux-kernel] 20130412 Re: sw_perf_event_destroy() oops while fuzzing
  • [linux-kernel] 20130412 sw_perf_event_destroy() oops while fuzzing
  • [linux-kernel] 20130413 Re: sw_perf_event_destroy() oops while fuzzing
  • [oss-security] 20130514 Re: CVE Request: linux kernel perf out-of-bounds access
osvdb 93361
suse
  • SUSE-SU-2013:0819
  • openSUSE-SU-2013:0847
  • openSUSE-SU-2013:0925
  • openSUSE-SU-2013:0951
  • openSUSE-SU-2013:1042
ubuntu
  • USN-1825-1
  • USN-1826-1
  • USN-1827-1
  • USN-1828-1
  • USN-1836-1
  • USN-1838-1
the hacker news via4
Last major update 06-01-2017 - 21:59
Published 14-05-2013 - 16:55
Back to Top