The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html
http://rhn.redhat.com/errata/RHSA-2009-1222.html
http://rhn.redhat.com/errata/RHSA-2009-1223.html
http://secunia.com/advisories/23073
http://secunia.com/advisories/36430
http://secunia.com/advisories/36510
http://secunia.com/advisories/37105
http://secunia.com/advisories/37298
http://secunia.com/advisories/37471
http://support.avaya.com/css/P8/documents/100067254
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
http://www.openwall.com/lists/oss-security/2009/08/25/1
http://www.redhat.com/support/errata/RHSA-2009-1233.html
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/archive/1/512019/100/0/threaded
http://www.securityfocus.com/bid/36108
http://www.securitytracker.com/id?1022761
http://www.ubuntu.com/usn/USN-852-1
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
https://bugzilla.redhat.com/show_bug.cgi?id=518034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142
OR
OR
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
OR
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
89117 | VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check) | Nessus | Misc. | critical |
79465 | OracleVM 2.1 : kernel (OVMSA-2009-0023) | Nessus | OracleVM Local Security Checks | high |
67917 | Oracle Linux 3 : kernel (ELSA-2009-1233) | Nessus | Oracle Linux Local Security Checks | high |
67915 | Oracle Linux 4 : kernel (ELSA-2009-1223) | Nessus | Oracle Linux Local Security Checks | high |
67914 | Oracle Linux 5 : kernel (ELSA-2009-1222) | Nessus | Oracle Linux Local Security Checks | high |
63899 | RHEL 4 : kernel (RHSA-2009:1469) | Nessus | Red Hat Local Security Checks | high |
63896 | RHEL 5 : kernel (RHSA-2009:1457) | Nessus | Red Hat Local Security Checks | high |
60648 | Scientific Linux Security Update : kernel on SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
60646 | Scientific Linux Security Update : kernel on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
59139 | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6460) | Nessus | SuSE Local Security Checks | high |
47150 | VMSA-2010-0010 : ESX 3.5 third-party update for Service Console kernel | Nessus | VMware ESX Local Security Checks | high |
44737 | Debian DSA-1872-1 : linux-2.6 - denial of service/privilege escalation/information leak | Nessus | Debian Local Security Checks | high |
43777 | CentOS 5 : kernel (CESA-2009:1222) | Nessus | CentOS Local Security Checks | high |
42870 | VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components. | Nessus | VMware ESX Local Security Checks | critical |
42209 | Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-852-1) | Nessus | Ubuntu Local Security Checks | high |
41541 | SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6453) | Nessus | SuSE Local Security Checks | high |
41322 | SuSE9 Security Update : Linux kernel (YOU Patch Number 12487) | Nessus | SuSE Local Security Checks | high |
40808 | CentOS 3 : kernel (CESA-2009:1233) | Nessus | CentOS Local Security Checks | high |
40795 | RHEL 3 : kernel (RHSA-2009:1233) | Nessus | Red Hat Local Security Checks | high |
40766 | RHEL 4 : kernel (RHSA-2009:1223) | Nessus | Red Hat Local Security Checks | high |
40765 | RHEL 5 : kernel (RHSA-2009:1222) | Nessus | Red Hat Local Security Checks | high |
40753 | CentOS 4 : kernel (CESA-2009:1223) | Nessus | CentOS Local Security Checks | high |
801474 | CentOS RHSA-2009-1233 Security Check | Log Correlation Engine | Generic | high |
801473 | CentOS RHSA-2009-1223 Security Check | Log Correlation Engine | Generic | high |