Blog

0day Vulnerability in Linux from 2.6.37 to 3.8.10

A newly discovered 0day vulnerability in Linux (versions 2.6.37 to 3.8.10) allows privilege escalation for regular users, affecting many distributions.

May 15, 2013

Dmytro

0day vulnerability Linux security privilege escalation patching sysctl

0day Vulnerability in Linux from Versions 2.6.37 to 3.8.10

A newly discovered 0day vulnerability in Linux (versions 2.6.37 to 3.8.10) allows privilege escalation for regular users, affecting many distributions such as CentOS 6.x and Debian 6.x. This can enable a regular user to execute certain code to gain superuser rights.

Mitigation Steps

Currently, not all operating systems have available patches. However, as a temporary measure, you can execute the following commands from your server’s command line:

echo kernel.perf_event_paranoid=2 >> /etc/sysctl.conf
echo kernel.perf_event_max_sample_rate=-1 >> /etc/sysctl.conf
sysctl -p

These changes take effect immediately without the need to restart the server.

Additional Resources

For reference and more information, you can check:

Need Help?

Our support team is available 24/7 to assist you with any questions or issues.

Contact Support