QwikSec

Security Database

CVE

CWE

Training

CVE-2009-4537

Published: Jan 12, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=550907

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

SUSE-SA:2010:031

vendor-advisory

x_refsource_SUSE

oval:org.mitre.oval:def:9439

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_REDHAT

http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

kernel-r8169-dos(55647)

vdb-entry

x_refsource_XF

[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389

mailing-list

x_refsource_MLIST

FEDORA-2010-1787

vendor-advisory

x_refsource_FEDORA

[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389

mailing-list

x_refsource_MLIST

SUSE-SA:2010:023

vendor-advisory

x_refsource_SUSE

http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html

x_refsource_MISC

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:7443

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

http://twitter.com/dakami/statuses/7104238406

x_refsource_MISC

http://marc.info/?t=126202986900002&r=1&w=2

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.