Back to search
CVE-2009-2909
Published: Oct 20, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=528887
x_refsource_CONFIRM
USN-864-1
vendor-advisory
x_refsource_UBUNTU
37351
third-party-advisory
x_refsource_SECUNIA
37075
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20091007 More kernel CVE info (CVE-2009-2909)
mailing-list
x_refsource_MLIST
SUSE-SA:2009:056
vendor-advisory
x_refsource_SUSE
[linux-kernel] 20091002 [071/136] net ax25: Fix signed comparison in the sockopt handler
mailing-list
x_refsource_MLIST
36635
vdb-entry
x_refsource_BID
FEDORA-2009-10525
vendor-advisory
x_refsource_FEDORA
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.2
x_refsource_CONFIRM
SUSE-SA:2009:054
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now