SB2013060702 - Format string error in Linux kernel
Published: June 7, 2013 Updated: August 11, 2020
Security Bulletin ID
SB2013060702
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Format string error (CVE-ID: CVE-2013-2852)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
Remediation
Install update from vendor's website.
References
- http://git.kernel.org/cgit/linux/kernel/git/linville/wireless.git/commit/?id=9538cbaab6e8b8046039b4b2eb6c9d614dc782bd
- http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html
- http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html
- http://rhn.redhat.com/errata/RHSA-2013-1051.html
- http://rhn.redhat.com/errata/RHSA-2013-1450.html
- http://www.debian.org/security/2013/dsa-2766
- http://www.openwall.com/lists/oss-security/2013/06/06/13
- http://www.ubuntu.com/usn/USN-1899-1
- http://www.ubuntu.com/usn/USN-1900-1
- http://www.ubuntu.com/usn/USN-1914-1
- http://www.ubuntu.com/usn/USN-1915-1
- http://www.ubuntu.com/usn/USN-1916-1
- http://www.ubuntu.com/usn/USN-1917-1
- http://www.ubuntu.com/usn/USN-1918-1
- http://www.ubuntu.com/usn/USN-1919-1
- http://www.ubuntu.com/usn/USN-1920-1
- http://www.ubuntu.com/usn/USN-1930-1
- https://bugzilla.redhat.com/show_bug.cgi?id=969518