CVE-2009-4536

HIGH

Description

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.

References

http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/

http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html

http://marc.info/?t=126203102000001&r=1&w=2

http://secunia.com/advisories/35265

http://secunia.com/advisories/38031

http://secunia.com/advisories/38276

http://secunia.com/advisories/38296

http://secunia.com/advisories/38492

http://secunia.com/advisories/38610

http://secunia.com/advisories/38779

http://securitytracker.com/id?1023420

http://www.debian.org/security/2010/dsa-1996

http://www.debian.org/security/2010/dsa-2005

http://www.openwall.com/lists/oss-security/2009/12/28/1

http://www.openwall.com/lists/oss-security/2009/12/29/2

http://www.openwall.com/lists/oss-security/2009/12/31/1

http://www.redhat.com/support/errata/RHSA-2010-0019.html

http://www.redhat.com/support/errata/RHSA-2010-0020.html

http://www.redhat.com/support/errata/RHSA-2010-0041.html

http://www.redhat.com/support/errata/RHSA-2010-0053.html

http://www.redhat.com/support/errata/RHSA-2010-0111.html

http://www.redhat.com/support/errata/RHSA-2010-0882.html

http://www.securityfocus.com/bid/37519

http://www.vmware.com/security/advisories/VMSA-2011-0009.html

https://bugzilla.redhat.com/show_bug.cgi?id=552126

https://exchange.xforce.ibmcloud.com/vulnerabilities/55648

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453

https://rhn.redhat.com/errata/RHSA-2010-0095.html

Details

Source: MITRE

Published: 2010-01-12

Updated: 2018-11-16

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (37 total)

IDNameProductFamilySeverity
89740VMware ESX / ESXi Third-Party Libraries and Components (VMSA-2010-0009) (remote check)NessusVMware ESX Local Security Checks
critical
89678VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2011-0009) (remote check)NessusMisc.
high
79507OracleVM 2.2 : kernel (OVMSA-2013-0039)NessusOracleVM Local Security Checks
critical
70880ESXi 5.0 < Build 515841 Multiple Vulnerabilities (remote check)NessusMisc.
high
67983Oracle Linux 4 : kernel (ELSA-2010-0020)NessusOracle Linux Local Security Checks
critical
67982Oracle Linux 5 : kernel (ELSA-2010-0019)NessusOracle Linux Local Security Checks
critical
63919RHEL 4 : kernel (RHSA-2010:0111)NessusRed Hat Local Security Checks
critical
63915RHEL 5 : kernel (RHSA-2010:0079)NessusRed Hat Local Security Checks
critical
63913RHEL 5 : kernel (RHSA-2010:0053)NessusRed Hat Local Security Checks
critical
60717Scientific Linux Security Update : kernel on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60716Scientific Linux Security Update : kernel on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
critical
59145SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6810)NessusSuSE Local Security Checks
critical
59144SuSE 10 Security Update : the debug kernel (ZYPP Patch Number 6778)NessusSuSE Local Security Checks
critical
55468SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7568)NessusSuSE Local Security Checks
high
54968VMSA-2011-0009 : VMware hosted product updates, ESX patches and VI Client update resolve multiple security issuesNessusVMware ESX Local Security Checks
high
52685SuSE 11 Security Update : Linux kernel (SAT Patch Number 1753)NessusSuSE Local Security Checks
critical
49869SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6779)NessusSuSE Local Security Checks
critical
47270Fedora 12 : kernel-2.6.31.12-174.2.19.fc12 (2010-1787)NessusFedora Local Security Checks
critical
47258Fedora 11 : kernel-2.6.30.10-105.2.13.fc11 (2010-1500)NessusFedora Local Security Checks
critical
46765VMSA-2010-0009 : ESXi ntp and ESX Service Console third-party updatesNessusVMware ESX Local Security Checks
critical
44966SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 2040 / 2043 / 2044)NessusSuSE Local Security Checks
critical
44964openSUSE Security Update : kernel (kernel-2050)NessusSuSE Local Security Checks
critical
44951Debian DSA-2005-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
critical
44867Debian DSA-2003-1 : linux-2.6 - privilege escalation/denial of serviceNessusDebian Local Security Checks
high
44860Debian DSA-1996-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leakNessusDebian Local Security Checks
critical
44654SuSE9 Security Update : the Linux kernel (YOU Patch Number 12578)NessusSuSE Local Security Checks
high
44621openSUSE Security Update : kernel (kernel-1908)NessusSuSE Local Security Checks
critical
44411SuSE 11.2 Security Update: kernel (2010-01-28)NessusSuSE Local Security Checks
critical
44399Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : linux, linux-source-2.6.15 vulnerabilities (USN-894-1)NessusUbuntu Local Security Checks
critical
44398SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6806)NessusSuSE Local Security Checks
critical
44037SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1754 / 1760)NessusSuSE Local Security Checks
critical
44034openSUSE Security Update : kernel (kernel-1749)NessusSuSE Local Security Checks
critical
44026CentOS 4 : kernel (CESA-2010:0020)NessusCentOS Local Security Checks
critical
43832CentOS 5 : kernel (CESA-2010:0019)NessusCentOS Local Security Checks
critical
43821RHEL 4 : kernel (RHSA-2010:0020)NessusRed Hat Local Security Checks
critical
43820RHEL 5 : kernel (RHSA-2010:0019)NessusRed Hat Local Security Checks
critical
801481CentOS RHSA-2010-0019 Security CheckLog Correlation EngineGeneric
high