CVE-2013-2852

MEDIUM

Description

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.

References

http://git.kernel.org/cgit/linux/kernel/git/linville/wireless.git/commit/?id=9538cbaab6e8b8046039b4b2eb6c9d614dc782bd

http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html

http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html

http://rhn.redhat.com/errata/RHSA-2013-1051.html

http://rhn.redhat.com/errata/RHSA-2013-1450.html

http://www.debian.org/security/2013/dsa-2766

http://www.openwall.com/lists/oss-security/2013/06/06/13

http://www.ubuntu.com/usn/USN-1899-1

http://www.ubuntu.com/usn/USN-1900-1

http://www.ubuntu.com/usn/USN-1914-1

http://www.ubuntu.com/usn/USN-1915-1

http://www.ubuntu.com/usn/USN-1916-1

http://www.ubuntu.com/usn/USN-1917-1

http://www.ubuntu.com/usn/USN-1918-1

http://www.ubuntu.com/usn/USN-1919-1

http://www.ubuntu.com/usn/USN-1920-1

http://www.ubuntu.com/usn/USN-1930-1

https://bugzilla.redhat.com/show_bug.cgi?id=969518

Details

Source: MITRE

Published: 2013-06-07

Updated: 2017-11-18

Type: CWE-134

Risk Information

CVSS v2.0

Base Score: 6.9

Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 3.9.4 (inclusive)

Tenable Plugins

View all (28 total)

ID	Name	Product	Family	Severity
99163	OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)	Nessus	OracleVM Local Security Checks	critical
83611	SUSE SLES11 Security Update : kernel (SUSE-SU-2014:0287-1)	Nessus	SuSE Local Security Checks	high
78974	RHEL 6 : kernel (RHSA-2013:1450)	Nessus	Red Hat Local Security Checks	medium
76665	RHEL 6 : MRG (RHSA-2013:1264)	Nessus	Red Hat Local Security Checks	high
74878	openSUSE Security Update : kernel (openSUSE-SU-2013:1971-1)	Nessus	SuSE Local Security Checks	high
70222	Amazon Linux AMI : kernel (ALAS-2013-218)	Nessus	Amazon Linux Local Security Checks	high
70200	Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	medium
70040	SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8269 / 8270 / 8283)	Nessus	SuSE Local Security Checks	high
69942	Oracle Linux 5 / 6 : Unbreakable Enterprise Kernel (ELSA-2013-2546)	Nessus	Oracle Linux Local Security Checks	high
69505	Debian DSA-2745-1 : linux - privilege escalation/denial of service/information leak	Nessus	Debian Local Security Checks	high
69419	Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-1936-1)	Nessus	Ubuntu Local Security Checks	high
69127	Ubuntu 13.04 : linux vulnerability (USN-1919-1)	Nessus	Ubuntu Local Security Checks	medium
69126	Ubuntu 12.10 : linux vulnerability (USN-1917-1)	Nessus	Ubuntu Local Security Checks	medium
69125	Ubuntu 12.04 LTS : linux-lts-raring vulnerability (USN-1916-1)	Nessus	Ubuntu Local Security Checks	medium
69124	Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-1915-1)	Nessus	Ubuntu Local Security Checks	medium
69123	Ubuntu 12.04 LTS : linux vulnerability (USN-1914-1)	Nessus	Ubuntu Local Security Checks	medium
68978	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2538)	Nessus	Oracle Linux Local Security Checks	high
68977	Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2537)	Nessus	Oracle Linux Local Security Checks	medium
68945	Scientific Linux Security Update : kernel on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
68940	CentOS 6 : kernel (CESA-2013:1051)	Nessus	CentOS Local Security Checks	high
68921	RHEL 6 : kernel (RHSA-2013:1051)	Nessus	Red Hat Local Security Checks	high
68920	Oracle Linux 6 : kernel (ELSA-2013-1051)	Nessus	Oracle Linux Local Security Checks	high
67351	Fedora 17 : kernel-3.9.8-100.fc17 (2013-9123)	Nessus	Fedora Local Security Checks	high
67285	Fedora 18 : kernel-3.9.5-201.fc18 (2013-10695)	Nessus	Fedora Local Security Checks	high
67284	Fedora 19 : kernel-3.9.5-301.fc19 (2013-10689)	Nessus	Fedora Local Security Checks	medium
67254	Mandriva Linux Security Advisory : kernel (MDVSA-2013:194)	Nessus	Mandriva Local Security Checks	high
67191	Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1900-1)	Nessus	Ubuntu Local Security Checks	medium
67190	Ubuntu 10.04 LTS : linux vulnerabilities (USN-1899-1)	Nessus	Ubuntu Local Security Checks	medium