Red Hat Bugzilla – Bug 998878
CVE-2013-4254 Kernel: ARM: perf: NULL pointer dereference in validate_event
Last modified: 2016-03-04 07:48:01 EST
Linux kernel built for the ARM(CONFIG_ARM/CONFIG_ARM64) platforms along with the
hardware performance counter support(CONFIG_HW_PERF_EVENTS) is vulnerable to a
NULL pointer dereference flaw. This could lead to the kernel crash resulting in
DoS or potential privilege escalation to gain root privileges by a non-root user.
An unprivileged user/program could use this flaw to crash the kernel resulting
in DoS or potential privilege escalation to gain root access to a machine.
This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 998881]
A better pointer to the fix is probably this:
kernel-3.10.9-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.10.9-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.