CVE-2009-4538high
Description
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
References
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
http://secunia.com/advisories/38031
http://secunia.com/advisories/38276
http://secunia.com/advisories/38296
http://secunia.com/advisories/38492
http://secunia.com/advisories/38610
http://secunia.com/advisories/38779
http://securitytracker.com/id?1023420
http://www.debian.org/security/2010/dsa-1996
http://www.debian.org/security/2010/dsa-2005
http://www.mandriva.com/security/advisories?name=MDVSA-2010:066
http://www.openwall.com/lists/oss-security/2009/12/28/1
http://www.openwall.com/lists/oss-security/2009/12/29/2
http://www.openwall.com/lists/oss-security/2009/12/31/1
http://www.redhat.com/support/errata/RHSA-2010-0019.html
http://www.redhat.com/support/errata/RHSA-2010-0020.html
http://www.redhat.com/support/errata/RHSA-2010-0041.html
http://www.redhat.com/support/errata/RHSA-2010-0053.html
http://www.redhat.com/support/errata/RHSA-2010-0111.html
http://www.securityfocus.com/bid/37523
https://bugzilla.redhat.com/show_bug.cgi?id=551214
https://exchange.xforce.ibmcloud.com/vulnerabilities/55645
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702
Details
Source: MITRE
Published: 2010-01-12
Updated: 2018-11-16
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 10
Severity: HIGH