CVE-2009-4138

Description

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c0c0cc2d9f4c523fde04bdfe41e4380dec8ee54

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://patchwork.kernel.org/patch/66747/

https://bugzilla.redhat.com/show_bug.cgi?id=547236

http://secunia.com/advisories/38017

http://secunia.com/advisories/38276

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7376

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9527

https://rhn.redhat.com/errata/RHSA-2010-0046.html

https://rhn.redhat.com/errata/RHSA-2010-0095.html

http://support.avaya.com/css/P8/documents/100073666

http://www.debian.org/security/2010/dsa-2005

http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git9.log

http://www.openwall.com/lists/oss-security/2009/12/15/1

Details

Risk Information

CVSS v2