Oval Definition:	oval:com.ubuntu.precise:def:20132930000
Revision Date: 2013-12-09 Version: 1 Title: CVE-2013-2930 on Ubuntu 12.04 LTS (precise) - medium. Description: The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-2930 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in precise is not affected. OR NOT While related to the CVE in some way, the 'linux-armadaxp' package in precise is not affected. OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-lts-quantal' package in precise was vulnerable but has been fixed (note: '3.5.0-45.68~precise1'). OR The 'linux-lts-raring' package in precise was vulnerable but has been fixed (note: '3.8.0-36.52~precise1'). OR The 'linux-lts-saucy' package in precise was vulnerable but has been fixed (note: '3.11.0-15.23~precise1'). OR NOT While related to the CVE in some way, the 'linux-lts-trusty' package in precise is not affected (note: '3.13.0-24.46~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR NOT While related to the CVE in some way, the 'linux-ti-omap4' package in precise is not affected.
BACK