AZL-34322

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34322.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-34322

Upstream

CVE-2013-2094

Published

2013-05-14T20:55:01Z

Modified

2026-04-01T05:11:25.373566Z

Summary

CVE-2013-2094 affecting package kernel for versions less than 5.15.153.1-1

Details

The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call.

References

https://nvd.nist.gov/vuln/detail/CVE-2013-2094

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.153.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-34322.json"