Last updated: 
2 months 2 weeks ago
Blog Manager
We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Critical Linux Kernel vulnerability allows local users to escalate privileges (CVE-2013-2094)

Thursday, May 16, 2013 - 10:35

CVE-2013-2094

Please note that a high-severity exploit was made publicly available on Tuesday.

This Critical Linux Kernel vulnerability allows local users to gain privileges via a crafted perf_event_open system call. Details of this exploit, its severity and impact are available here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2094

Technical details: https://bugzilla.redhat.com/show_bug.cgi?id=962792

This exploit is confirmed to work on many major Linux distributions, and systems administrators are urged to update to patched kernels as soon as they are released.