製品・ソフトウェアに関する情報

JVN脆弱性詳細

Linux Kernel の kernel/events/core.c における権限を取得される脆弱性

Title	Linux Kernel の kernel/events/core.c における権限を取得される脆弱性
Summary	Linux Kernel の kernel/events/core.c 内の perf_swevent_init 関数は、不適切な整数データ型を使用するため、権限を取得される脆弱性が存在します。
Possible impacts	ローカルユーザにより、巧妙に細工された perf_event_open システムコールを介して、権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 25, 2013, midnight
Registration Date	May 15, 2013, 5:50 p.m.
Last Update	July 5, 2013, 11:44 a.m.

CVSS2.0 : 危険
Score	7.2
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected System

Linux

Linux Kernel 3.8.9 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-2094	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
National Vulnerability Database (NVD)
2	CVE-2013-2094	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2094
Ubuntu
3	CVE-2013-2094 in Ubuntu	http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-2094.html

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-189	https://jvndb.jvn.jp/ja/cwe/CWE-189.html

ベンダー情報

No	Name	URL
CentOS-announce
1	CentOS-6 CVE-2013-2094 Kernel Issue	http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html
2	CESA-2013:0830 Important CentOS 6 kernel Update	http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html
ChangeLog
3	ChangeLog-3.8.9	https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
Debian Security Advisory
4	DSA-2669-1 linux -- privilege escalation/denial of service/information leak	http://www.debian.org/security/2013/dsa-2669
GitHub
5	perf: Treat attr.config as u64 in perf_swevent_init()	https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f
Linux Kernel
6	Linux Kernel Archives	http://www.kernel.org
7	perf: Treat attr.config as u64 in perf_swevent_init()	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f
opensuse-security-announce
8	openSUSE-SU-2013:0847	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html
9	openSUSE-SU-2013:0925	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
10	openSUSE-SU-2013:0951	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html
11	SUSE-SU-2013:0819	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html
Red Hat Bugzilla
12	Bug 962792	https://bugzilla.redhat.com/show_bug.cgi?id=962792
Red Hat Security Advisory
13	RHSA-2013:0830 Important: kernel security update	https://rhn.redhat.com/errata/RHSA-2013-0830.html
Ubuntu Security Notice
14	USN-1825-1	http://www.ubuntu.com/usn/USN-1825-1
15	USN-1826-1	http://www.ubuntu.com/usn/USN-1826-1
16	USN-1827-1	http://www.ubuntu.com/usn/USN-1827-1
17	USN-1828-1	http://www.ubuntu.com/usn/USN-1828-1
18	USN-1836-1	http://www.ubuntu.com/usn/USN-1836-1
19	USN-1838-1	http://www.ubuntu.com/usn/USN-1838-1

その他

No	Name	URL
JVN
1	JVNVU#98369979	http://jvn.jp/cert/JVNVU98369979/
US-CERT Vulnerability Note
2	VU#774103	http://www.kb.cert.org/vuls/id/774103

Change Log

No	Changed Details	Date of change
0	[2013年05月15日] 掲載 [2013年05月21日] ベンダ情報：CentOS Project (CESA-2013:0830 Important CentOS 6 kernel Update) を追加ベンダ情報：Debian (DSA-2669-1 linux -- privilege escalation/denial of service/information leak) を追加ベンダ情報：Ubuntu (CVE-2013-2094 in Ubuntu) を追加ベンダ情報：レッドハット (RHSA-2013:0830 Important: kernel security update) を追加 [2013年06月03日] ベンダ情報：CentOS Project (CentOS-6 CVE-2013-2094 Kernel Issue) を追加ベンダ情報：openSUSE (SUSE-SU-2013:0819) を追加ベンダ情報：Ubuntu (USN-1828-1) を追加ベンダ情報：Ubuntu (USN-1827-1) を追加ベンダ情報：Ubuntu (USN-1826-1) を追加ベンダ情報：Ubuntu (USN-1825-1) を追加 [2013年06月21日] ベンダ情報：openSUSE (openSUSE-SU-2013:0847) を追加 [2013年07月05日] ベンダ情報：Ubuntu (USN-1838-1) を追加ベンダ情報：Ubuntu (USN-1836-1) を追加ベンダ情報：openSUSE (openSUSE-SU-2013:0951) を追加ベンダ情報：openSUSE (openSUSE-SU-2013:0925) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-2094

Summary	The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
Publication Date	May 15, 2013, 5:55 a.m.
Registration Date	Jan. 26, 2021, 3:37 p.m.
Last Update	Nov. 21, 2024, 10:51 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::	3.1			3.2.45
cpe:2.3:o:linux:linux_kernel::::::::	3.3			3.4.42
cpe:2.3:o:linux:linux_kernel::::::::	3.5			3.8.9
cpe:2.3:o:linux:linux_kernel::::::::				3.0.75

Related information, measures and tools

No	URL	タグ
1	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f	Not Applicable
2	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02f	Not Applicable
3	http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html	Third Party Advisory VDB Entry
4	http://lists.centos.org/pipermail/centos-announce/2013-May/019729.html	Third Party Advisory VDB Entry
5	http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html	Third Party Advisory VDB Entry
6	http://lists.centos.org/pipermail/centos-announce/2013-May/019733.html	Third Party Advisory VDB Entry
7	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html	Third Party Advisory VDB Entry
8	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.html	Third Party Advisory VDB Entry
9	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html	Third Party Advisory VDB Entry
10	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html	Third Party Advisory VDB Entry
11	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html	Third Party Advisory VDB Entry
12	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html	Third Party Advisory VDB Entry
13	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html	Third Party Advisory VDB Entry
14	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.html	Third Party Advisory VDB Entry
15	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html	Third Party Advisory VDB Entry
16	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html	Third Party Advisory VDB Entry
17	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html	Third Party Advisory VDB Entry
18	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html	Third Party Advisory VDB Entry
19	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html	Third Party Advisory VDB Entry
20	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.html	Third Party Advisory VDB Entry
21	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html	Third Party Advisory
22	http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.html	Third Party Advisory
23	http://news.ycombinator.com/item?id=5703758	Third Party Advisory
24	http://news.ycombinator.com/item?id=5703758	Third Party Advisory
25	http://packetstormsecurity.com/files/121616/semtex.c	Exploit Third Party Advisory VDB Entry
26	http://packetstormsecurity.com/files/121616/semtex.c	Exploit Third Party Advisory VDB Entry
27	http://rhn.redhat.com/errata/RHSA-2013-0830.html	Third Party Advisory
28	http://rhn.redhat.com/errata/RHSA-2013-0830.html	Third Party Advisory
29	http://twitter.com/djrbliss/statuses/334301992648331267	Patch
30	http://twitter.com/djrbliss/statuses/334301992648331267	Patch
31	http://www.exploit-db.com/exploits/33589	Third Party Advisory VDB Entry
32	http://www.exploit-db.com/exploits/33589	Third Party Advisory VDB Entry
33	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9	Not Applicable
34	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9	Not Applicable
35	http://www.mandriva.com/security/advisories?name=MDVSA-2013:176	Mailing List Third Party Advisory
36	http://www.mandriva.com/security/advisories?name=MDVSA-2013:176	Mailing List Third Party Advisory
37	http://www.openwall.com/lists/oss-security/2013/05/14/6	Mailing List Third Party Advisory
38	http://www.openwall.com/lists/oss-security/2013/05/14/6	Mailing List Third Party Advisory
39	http://www.osvdb.org/93361	Broken Link
40	http://www.osvdb.org/93361	Broken Link
41	http://www.reddit.com/r/netsec/comments/1eb9iw	Third Party Advisory
42	http://www.reddit.com/r/netsec/comments/1eb9iw	Third Party Advisory
43	http://www.ubuntu.com/usn/USN-1825-1	Third Party Advisory
44	http://www.ubuntu.com/usn/USN-1825-1	Third Party Advisory
45	http://www.ubuntu.com/usn/USN-1826-1	Third Party Advisory
46	http://www.ubuntu.com/usn/USN-1826-1	Third Party Advisory
47	http://www.ubuntu.com/usn/USN-1827-1	Third Party Advisory
48	http://www.ubuntu.com/usn/USN-1827-1	Third Party Advisory
49	http://www.ubuntu.com/usn/USN-1828-1	Third Party Advisory
50	http://www.ubuntu.com/usn/USN-1828-1	Third Party Advisory
51	http://www.ubuntu.com/usn/USN-1836-1	Third Party Advisory
52	http://www.ubuntu.com/usn/USN-1836-1	Third Party Advisory
53	http://www.ubuntu.com/usn/USN-1838-1	Third Party Advisory
54	http://www.ubuntu.com/usn/USN-1838-1	Third Party Advisory
55	https://bugzilla.redhat.com/show_bug.cgi?id=962792	Issue Tracking
56	https://bugzilla.redhat.com/show_bug.cgi?id=962792	Issue Tracking
57	https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f	Third Party Advisory
58	https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02f	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-189	数値処理の問題	https://cwe.mitre.org/data/definitions/189.html