cve/2011/CVE-2011-2905.md

CVE-2011-2905

Description

Untrusted search path vulnerability in the perf_config function in tools/perf/util/config.c in perf, as distributed in the Linux kernel before 3.1, allows local users to overwrite arbitrary files via a crafted config file in the current working directory.

POC

Reference

• http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1

Github

No PoCs found on GitHub currently.