CVE-2013-2852
Last modified
CVE-2013-2852 is a vulnerability of currently unknown severity. Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.. EPSS estimates a 1.02% chance of exploitation in the next 30 days.
Description
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.12, < 3.0.83 |
| Linux | Linux Kernel | >= 3.1, < 3.2.47 |
| Linux | Linux Kernel | >= 3.3, < 3.4.50 |
| Linux | Linux Kernel | >= 3.5, < 3.9.7 |
| Debian | Debian Linux | 6.0 |
| Canonical | Ubuntu Linux | 10.04 |
| Canonical | Ubuntu Linux | 12.04 |
| Canonical | Ubuntu Linux | 12.10 |
| Canonical | Ubuntu Linux | 13.04 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-2852?
How severe is CVE-2013-2852?
How do I fix CVE-2013-2852?
Are you affected by CVE-2013-2852?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST