CVE-2013-2852

MEDIUM

Description

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.

References

http://git.kernel.org/cgit/linux/kernel/git/linville/wireless.git/commit/?id=9538cbaab6e8b8046039b4b2eb6c9d614dc782bd

http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html

http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html

http://rhn.redhat.com/errata/RHSA-2013-1051.html

http://rhn.redhat.com/errata/RHSA-2013-1450.html

http://www.debian.org/security/2013/dsa-2766

http://www.openwall.com/lists/oss-security/2013/06/06/13

http://www.ubuntu.com/usn/USN-1899-1

http://www.ubuntu.com/usn/USN-1900-1

http://www.ubuntu.com/usn/USN-1914-1

http://www.ubuntu.com/usn/USN-1915-1

http://www.ubuntu.com/usn/USN-1916-1

http://www.ubuntu.com/usn/USN-1917-1

http://www.ubuntu.com/usn/USN-1918-1

http://www.ubuntu.com/usn/USN-1919-1

http://www.ubuntu.com/usn/USN-1920-1

http://www.ubuntu.com/usn/USN-1930-1

https://bugzilla.redhat.com/show_bug.cgi?id=969518

Details

Source: MITRE

Published: 2013-06-07

Updated: 2017-11-18

Type: CWE-134

Risk Information

CVSS v2.0

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 3.9.4 (inclusive)

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
99163OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)NessusOracleVM Local Security Checks
critical
83611SUSE SLES11 Security Update : kernel (SUSE-SU-2014:0287-1)NessusSuSE Local Security Checks
high
78974RHEL 6 : kernel (RHSA-2013:1450)NessusRed Hat Local Security Checks
medium
76665RHEL 6 : MRG (RHSA-2013:1264)NessusRed Hat Local Security Checks
high
74878openSUSE Security Update : kernel (openSUSE-SU-2013:1971-1)NessusSuSE Local Security Checks
high
70222Amazon Linux AMI : kernel (ALAS-2013-218)NessusAmazon Linux Local Security Checks
high
70200Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leakNessusDebian Local Security Checks
medium
70040SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8269 / 8270 / 8283)NessusSuSE Local Security Checks
high
69942Oracle Linux 5 / 6 : Unbreakable Enterprise Kernel (ELSA-2013-2546)NessusOracle Linux Local Security Checks
high
69505Debian DSA-2745-1 : linux - privilege escalation/denial of service/information leakNessusDebian Local Security Checks
high
69419Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1936-1)NessusUbuntu Local Security Checks
high
69127Ubuntu 13.04 : linux vulnerability (USN-1919-1)NessusUbuntu Local Security Checks
medium
69126Ubuntu 12.10 : linux vulnerability (USN-1917-1)NessusUbuntu Local Security Checks
medium
69125Ubuntu 12.04 LTS : linux-lts-raring vulnerability (USN-1916-1)NessusUbuntu Local Security Checks
medium
69124Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-1915-1)NessusUbuntu Local Security Checks
medium
69123Ubuntu 12.04 LTS : linux vulnerability (USN-1914-1)NessusUbuntu Local Security Checks
medium
68978Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2538)NessusOracle Linux Local Security Checks
high
68977Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2537)NessusOracle Linux Local Security Checks
medium
68945Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20130716)NessusScientific Linux Local Security Checks
high
68940CentOS 6 : kernel (CESA-2013:1051)NessusCentOS Local Security Checks
high
68921RHEL 6 : kernel (RHSA-2013:1051)NessusRed Hat Local Security Checks
high
68920Oracle Linux 6 : kernel (ELSA-2013-1051)NessusOracle Linux Local Security Checks
high
67351Fedora 17 : kernel-3.9.8-100.fc17 (2013-9123)NessusFedora Local Security Checks
high
67285Fedora 18 : kernel-3.9.5-201.fc18 (2013-10695)NessusFedora Local Security Checks
high
67284Fedora 19 : kernel-3.9.5-301.fc19 (2013-10689)NessusFedora Local Security Checks
medium
67254Mandriva Linux Security Advisory : kernel (MDVSA-2013:194)NessusMandriva Local Security Checks
high
67191Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1900-1)NessusUbuntu Local Security Checks
medium
67190Ubuntu 10.04 LTS : linux vulnerabilities (USN-1899-1)NessusUbuntu Local Security Checks
medium