Published: 07/06/2013 Updated: 07/11/2023

CVSS v2 Base Score: 6 | Impact Score: 10 | Exploitability Score: 1.5

VMScore: 535

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel up to and including 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 3.9.0
linux linux kernel 3.9.2
linux linux kernel 3.9
linux linux kernel 3.9.3
linux linux kernel
linux linux kernel 3.9.1

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1059 Chanam Park reported an issue in the Ceph distributed storage system Remote users can cause a den ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and multiplebugs are now available for Red Hat Enterprise MRG 23The Red Hat Security Response Team has rated this update as havingimportant ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix three security issues and several bugs arenow available for Red Hat Enterprise Linux 63 Extended Update SupportThe Red Hat Security Response Team has rated this update a ...

Synopsis Important: Red Hat Enterprise Linux 6 kernel update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues, address severalhundred bugs, and add numerous enhancements are now available as part ofthe ongoing support and maintenance of Red Hat Enter ...

Several security issues were fixed in the kernel ...

CWE-134 http://rhn.redhat.com/errata/RHSA-2013-1783.html http://marc.info/?l=linux-kernel&m=137055204522556&w=2 http://www.ubuntu.com/usn/USN-1913-1 http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-1645.html http://www.debian.org/security/2013/dsa-2766 https://bugzilla.redhat.com/show_bug.cgi?id=969515 http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html http://rhn.redhat.com/errata/RHSA-2014-0284.html http://www.ubuntu.com/usn/USN-1941-1 http://www.openwall.com/lists/oss-security/2013/06/06/13 http://www.ubuntu.com/usn/USN-1942-1 http://www.ubuntu.com/usn/USN-1912-1 https://nvd.nist.gov https://www.debian.org/security/./dsa-2745 https://usn.ubuntu.com/1936-1/

Get Started

CVE-2013-2851

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect