Описание
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
Отчет
This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5 and 6.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2014:0100 | 28.01.2014 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS2
Связанные уязвимости
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c ...
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application.
ELSA-2014-3070: Unbreakable Enterprise kernel security and bug fix update (IMPORTANT)
EPSS
4.7 Medium
CVSS2