Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
http://rhn.redhat.com/errata/RHSA-2013-1051.html
http://rhn.redhat.com/errata/RHSA-2013-1450.html
http://www.debian.org/security/2013/dsa-2766
http://www.openwall.com/lists/oss-security/2013/06/06/13
http://www.ubuntu.com/usn/USN-1899-1
http://www.ubuntu.com/usn/USN-1900-1
http://www.ubuntu.com/usn/USN-1914-1
http://www.ubuntu.com/usn/USN-1915-1
http://www.ubuntu.com/usn/USN-1916-1
http://www.ubuntu.com/usn/USN-1917-1
http://www.ubuntu.com/usn/USN-1918-1
http://www.ubuntu.com/usn/USN-1919-1
http://www.ubuntu.com/usn/USN-1920-1
OR
cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 3.9.4 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
99163 | OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW) | Nessus | OracleVM Local Security Checks | critical |
83611 | SUSE SLES11 Security Update : kernel (SUSE-SU-2014:0287-1) | Nessus | SuSE Local Security Checks | high |
78974 | RHEL 6 : kernel (RHSA-2013:1450) | Nessus | Red Hat Local Security Checks | medium |
76665 | RHEL 6 : MRG (RHSA-2013:1264) | Nessus | Red Hat Local Security Checks | high |
74878 | openSUSE Security Update : kernel (openSUSE-SU-2013:1971-1) | Nessus | SuSE Local Security Checks | high |
70222 | Amazon Linux AMI : kernel (ALAS-2013-218) | Nessus | Amazon Linux Local Security Checks | high |
70200 | Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak | Nessus | Debian Local Security Checks | medium |
70040 | SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8269 / 8270 / 8283) | Nessus | SuSE Local Security Checks | high |
69942 | Oracle Linux 5 / 6 : Unbreakable Enterprise Kernel (ELSA-2013-2546) | Nessus | Oracle Linux Local Security Checks | high |
69505 | Debian DSA-2745-1 : linux - privilege escalation/denial of service/information leak | Nessus | Debian Local Security Checks | high |
69419 | Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1936-1) | Nessus | Ubuntu Local Security Checks | high |
69127 | Ubuntu 13.04 : linux vulnerability (USN-1919-1) | Nessus | Ubuntu Local Security Checks | medium |
69126 | Ubuntu 12.10 : linux vulnerability (USN-1917-1) | Nessus | Ubuntu Local Security Checks | medium |
69125 | Ubuntu 12.04 LTS : linux-lts-raring vulnerability (USN-1916-1) | Nessus | Ubuntu Local Security Checks | medium |
69124 | Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-1915-1) | Nessus | Ubuntu Local Security Checks | medium |
69123 | Ubuntu 12.04 LTS : linux vulnerability (USN-1914-1) | Nessus | Ubuntu Local Security Checks | medium |
68978 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2538) | Nessus | Oracle Linux Local Security Checks | high |
68977 | Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2537) | Nessus | Oracle Linux Local Security Checks | medium |
68945 | Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20130716) | Nessus | Scientific Linux Local Security Checks | high |
68940 | CentOS 6 : kernel (CESA-2013:1051) | Nessus | CentOS Local Security Checks | high |
68921 | RHEL 6 : kernel (RHSA-2013:1051) | Nessus | Red Hat Local Security Checks | high |
68920 | Oracle Linux 6 : kernel (ELSA-2013-1051) | Nessus | Oracle Linux Local Security Checks | high |
67351 | Fedora 17 : kernel-3.9.8-100.fc17 (2013-9123) | Nessus | Fedora Local Security Checks | high |
67285 | Fedora 18 : kernel-3.9.5-201.fc18 (2013-10695) | Nessus | Fedora Local Security Checks | high |
67284 | Fedora 19 : kernel-3.9.5-301.fc19 (2013-10689) | Nessus | Fedora Local Security Checks | medium |
67254 | Mandriva Linux Security Advisory : kernel (MDVSA-2013:194) | Nessus | Mandriva Local Security Checks | high |
67191 | Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1900-1) | Nessus | Ubuntu Local Security Checks | medium |
67190 | Ubuntu 10.04 LTS : linux vulnerabilities (USN-1899-1) | Nessus | Ubuntu Local Security Checks | medium |