Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel up to and including 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 3.9.0 |
||
linux linux kernel 3.9.2 |
||
linux linux kernel 3.9 |
||
linux linux kernel 3.9.3 |
||
linux linux kernel |
||
linux linux kernel 3.9.1 |