DEBIAN-CVE-2013-2851
Advisory lineage Upstream: 1 Downstream: 2
Upstream
Downstream
Published: 07 Jun 2013, 14:03
Last modified:28 Apr 2026, 20:12
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
07 Jun 2013, 14:03
Published
Vulnerability first disclosed
28 Apr 2026, 20:12
Last Modified
Vulnerability information updated
Description
Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string specifiers to /sys/module/md_mod/parameters/new_array in order to create a crafted /dev/md device name.
Affected Systems
- debian•linux
< 3.9.8-1 | < 3.9.8-1 | < 3.9.8-1 | < 3.9.8-1