CVE Database · CVE-2013-2094
CVSS v3.1
8.4
EPSS
47.71%
Published
May 14, 2013
Modified
Apr 22, 2026
CISA Known Exploited Vulnerability
Added: 2022-09-15 · Due: 2022-10-06
Apply updates per vendor instructions.
Public PoC / Exploit (11)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWeaknesses (CWE)
Affected Products (4)
References (20)