Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.
PoC: cve-2013-2094
original cve-2013-2094 exploit and a rewritten version for educational purposes
PoC: libperf_event_exploit
CVE-2013-2094 exploit for android
PoC: cve-2013-2094
CVE-2013-2094 kernel exploit for i386
PoC: CVE-2013-2094
CVE-2013-2094 Linux 2.6.32/2.6.37 - 3.8.10 PERF_EVENTS local root x86/x86_64
PoC: CVE-2013-2094
perf_swevent_init
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free