The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
A vulnerability was discovered using fuzzing in linux kernels 2.6.37 till 3.8.9. The vulenrability requires the kernel to be compiled with PERF_EVENTS, but unfortunately that seems the case for quite some linux distributions. CentOS even backported the vulnerability to 2.6.32.
Impact : local privilege escalation, and exploit code is readily available.
Ref : https://isc.sans.edu/diary/CVE-2013-2094+Linux+privilege+escalation/15803
Ref : http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2094
