Security Advisory

CVE-2013-2851

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-06-07 10:00:00

Last updated 2024-08-06 15:52:20

Assigner Chrome

State PUBLISHED

Description

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.

← Browse all CVEs View on cve.org ↗