Published: 17/09/2009 Updated: 19/03/2012

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

VMScore: 495

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Buffer overflow in the perf_copy_attr function in kernel/perf_counter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service (crash) and execute arbitrary code via a "big size data" to the perf_counter_open system call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.31

source: wwwsecurityfocuscom/bid/36423/info The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data Local attackers may be able to exploit this issue to run arbitrary code with elevated privileges Failed exploit attempts may crash the affected kernel, ...

A Guide to Kernel Exploitation: Attacking the Core 翻译

A Guide to Kernel Exploitation: Attacking the Core 翻译 ! 20193 开始更新 ! 我没有版权，我没有版权，我没有版权！翻译目的纯粹是为了和大家分享和交流目录序言前言感谢关于作者关于技术编辑第一部分内核的一次旅程第一章从用户地址到内核地址的攻击介绍介绍内核和内核漏洞的世界 �

CWE-119 http://article.gmane.org/gmane.linux.kernel/890654 http://www.securityfocus.com/bid/36423 http://www.openwall.com/lists/oss-security/2009/09/16/1 http://www.openwall.com/lists/oss-security/2009/09/17/13 https://nvd.nist.gov https://github.com/alvas/A-Guide-to-Kernel-Exploitation-Attacking-the-Core https://www.exploit-db.com/exploits/33228/

CVE-2009-3234

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect