CVE-2013-2852

2013-06-0700:00:00

ubuntu.com

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.3%

JSON

Format string vulnerability in the b43_request_firmware function in
drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the
Linux kernel through 3.9.4 allows local users to gain privileges by
leveraging root access and including format string specifiers in an
fwpostfix modprobe parameter, leading to improper construction of an error
message.

Bugs

<https://launchpad.net/bugs/1189833>

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchlinux< 2.6.32-49.111UNKNOWN
ubuntu12.04noarchlinux< 3.2.0-51.77UNKNOWN
ubuntu12.10noarchlinux< 3.5.0-37.58UNKNOWN
ubuntu13.04noarchlinux< 3.8.0-27.40UNKNOWN
ubuntu12.04noarchlinux-armadaxp< 3.2.0-1623.34UNKNOWN
ubuntu12.10noarchlinux-armadaxp< 3.5.0-1618.26UNKNOWN
ubuntu10.04noarchlinux-ec2< 2.6.32-354.67UNKNOWN
ubuntu12.04noarchlinux-lts-quantal< 3.5.0-37.58~precise1UNKNOWN
ubuntu12.04noarchlinux-lts-raring< 3.8.0-29.42~precise1UNKNOWN
ubuntu12.04noarchlinux-ti-omap4< 3.2.0-1436.55UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	linux	< 2.6.32-49.111	UNKNOWN
ubuntu	12.04	noarch	linux	< 3.2.0-51.77	UNKNOWN
ubuntu	12.10	noarch	linux	< 3.5.0-37.58	UNKNOWN
ubuntu	13.04	noarch	linux	< 3.8.0-27.40	UNKNOWN
ubuntu	12.04	noarch	linux-armadaxp	< 3.2.0-1623.34	UNKNOWN
ubuntu	12.10	noarch	linux-armadaxp	< 3.5.0-1618.26	UNKNOWN
ubuntu	10.04	noarch	linux-ec2	< 2.6.32-354.67	UNKNOWN
ubuntu	12.04	noarch	linux-lts-quantal	< 3.5.0-37.58~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-lts-raring	< 3.8.0-29.42~precise1	UNKNOWN
ubuntu	12.04	noarch	linux-ti-omap4	< 3.2.0-1436.55	UNKNOWN