Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Chrome
Published: 2013-06-07T10:00:00
Updated: 2014-03-17T13:57:00
Reserved: 2013-04-11T00:00:00
Link: CVE-2013-2851
JSON object: View
NVD Information
Status : Modified
Published: 2013-06-07T14:03:20.003
Modified: 2023-11-07T02:15:14.300
Link: CVE-2013-2851
JSON object: View
Redhat Information
No data.
CWE