CVE-2013-4254

The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event.

CVSS v2.0 6.9 MEDIUM

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b
http://secunia.com/advisories/54494
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8
http://www.openwall.com/lists/oss-security/2013/08/16/6
http://www.ubuntu.com/usn/USN-1968-1
http://www.ubuntu.com/usn/USN-1969-1
http://www.ubuntu.com/usn/USN-1970-1
http://www.ubuntu.com/usn/USN-1971-1
http://www.ubuntu.com/usn/USN-1972-1
http://www.ubuntu.com/usn/USN-1973-1
http://www.ubuntu.com/usn/USN-1974-1
http://www.ubuntu.com/usn/USN-1975-1
https://bugzilla.redhat.com/show_bug.cgi?id=998878
https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel:::::::arm64:*
	cpe:2.3:o:linux:linux_kernel:3.10.0::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.1::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.2::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.3::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.4::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.5::::::arm64:
	cpe:2.3:o:linux:linux_kernel:3.10.6::::::arm64:

History

No history.

Information

Published : 2013-08-25 03:27

Updated : 2024-02-28 12:00

NVD link : CVE-2013-4254

Mitre link : CVE-2013-4254

CVE.ORG link : CVE-2013-4254

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2013-4254", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-08-25T03:27:32.987", "references": [{"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/54494", "source": "secalert@redhat.com"}, {"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2013/08/16/6", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1968-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1969-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1970-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1971-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1972-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1973-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1974-1", "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/USN-1975-1", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998878", "source": "secalert@redhat.com"}, {"url": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b", "tags": ["Patch"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware event to an event group led by a software event."}, {"lang": "es", "value": "La funci\u00f3n validate_event en arch/arm/kernel/perf_event.c en Linux kernel anterior a v3.10.8 en plataformas ARM permite a usuarios locales conseguir privilegios o causar una denegaci\u00f3n de servicio (referencia a un puntero NULL y ca\u00edda del sistema) a\u00f1adiendo un evento de hardware para un grupo de eventos encabezada por un evento de software."}], "lastModified": "2023-02-13T04:45:10.773", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "FEDB8FE7-327F-45FB-8C4B-9D17B22CC444", "versionEndIncluding": "3.10.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.0:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "C8409226-20A1-4549-9E11-6D0C3C38DCCE"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "77482843-364E-471F-A909-F373376FAEF5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "7E0221EF-13B8-42A2-8CEB-B95BDA2A2F5F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "4F8A1100-F68D-4352-AB8D-B40AD97AE0EC"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "991EF15A-B6DD-4D7F-87B5-144ED86642DF"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "DDA334EC-14D7-4220-ABBE-6D091A4EE374"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:arm64:*", "vulnerable": true, "matchCriteriaId": "A76A48F9-591E-4884-B758-A8E438ECC9C1"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}