Main Vulnerability Database Exploits ID:4371 - Exploit for Format string error in Linux kernel - CVE-2013-2852

ID:4371 - Exploit for Format string error in Linux kernel - CVE-2013-2852

Published: August 11, 2020

Vulnerability identifier: #VU42792

Vulnerability risk: High

CVE-ID: CVE-2013-2852

CWE-ID: CWE-134

Exploitation vector: Remote access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/38559/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.

Remediation

Install update from vendor's website.

ID:4371 - Exploit for Format string error in Linux kernel - CVE-2013-2852

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human