The perf_swevent_init function in kernel/events/core.c in...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 10, 2023
Description
Published by the National Vulnerability Database
May 14, 2013
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 10, 2023
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
References