Published: 04/06/2009 Updated: 13/02/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 695

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel prior to 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) prior to 7.5.5 allows remote malicious users to cause a denial of service (panic) via a crafted frame size.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 2.6.25.4
linux linux kernel 2.6.25.11
linux linux kernel 2.6.18
linux linux kernel 2.6.29
linux linux kernel 2.6.25.9
linux linux kernel 2.6.22.15
linux linux kernel 2.6.29.3
intel e1000 5.5.4
linux linux kernel 2.6.23.13
linux linux kernel 2.6.24.2
linux linux kernel 2.4.36.6
linux linux kernel 2.6.26.5
linux linux kernel
linux linux kernel 2.6.22.21
linux linux kernel 2.6.25.12
linux linux kernel 2.6.30
linux linux kernel 2.6.25.5
intel e1000 5.4.11
linux linux kernel 2.6.23.8
linux linux kernel 2.6.25
linux linux kernel 2.6.22.12
intel e1000 7.3.15
linux linux kernel 2.6.25.8
intel e1000 7.0.41
linux linux kernel 2.6.21.6
linux linux kernel 2.4.36.2
linux linux kernel 2.6.22.1
linux linux kernel 2.6.23.16
linux linux kernel 2.6.24.1
linux linux kernel 2.6.25.6
linux linux kernel 2.6.22
linux linux kernel 2.6.26
intel e1000 7.4.27
linux linux kernel 2.6.26.3
linux linux kernel 2.6.20.16
linux linux kernel 2.6.27
linux linux kernel 2.6.19.4
linux linux kernel 2.6.25.13
intel e1000 5.6.10
linux linux kernel 2.6.20.21
linux linux kernel 2.6.25.7
linux linux kernel 2.4.36.1
intel e1000 6.3.9
linux linux kernel 2.6.25.3
linux linux kernel 2.6.24
linux linux kernel 2.6.26.2
linux linux kernel 2.6.20.17
intel e1000 5.6.10.1
linux linux kernel 2.6.21.5
linux linux kernel 2.6.24_rc4
linux linux kernel 2.6.23.15
linux linux kernel 2.6.23.10
linux linux kernel 2.4.36.4
linux linux kernel 2.6.26.1
linux linux kernel 2.6.20.20
intel e1000 7.0.33
linux linux kernel 2.6.22.18
linux linux kernel 2.4.36.3
linux linux kernel 2.6.22.20
linux linux kernel 2.6.20.18
linux linux kernel 2.6.23.9
linux linux kernel 2.6.25.2
linux linux kernel 2.6.25.1
intel e1000 7.3.20
linux linux kernel 2.6.24.4
intel e1000 5.2.30.1
linux linux kernel 2.6.25.16
linux linux kernel 2.6.22.9
intel e1000
linux linux kernel 2.6.25.17
intel e1000 5.7.6
linux linux kernel 2.6.22.13
linux linux kernel 2.6.19.7
intel e1000 5.3.19
linux linux kernel 2.6.24.5
linux linux kernel 2.6.24_rc1
linux linux kernel 2.6.20.19
linux linux kernel 2.6.22.17
intel e1000 7.2.9
linux linux kernel 2.6.25.10
linux linux kernel 2.6.22.11
linux kernel 2.6.24.7
linux linux kernel 2.6.23
intel e1000 6.0.54
intel e1000 6.1.16
linux linux kernel 2.6.22.10
intel e1000 6.2.15
linux linux kernel 2.6.23.17
linux linux kernel 2.6.21.7
linux linux kernel 2.6.23_rc1
linux linux kernel 2.6.22.22
linux linux kernel 2.6.29.rc1
linux linux kernel 2.6.24.6
linux linux kernel 2.6.22_rc7
linux linux kernel 2.4.36
linux linux kernel 2.6.23.12
linux linux kernel 2.6.24_rc5
linux linux kernel 2.6.19.6
linux kernel 2.6.25.15
linux linux kernel 2.6.22.8
intel e1000 5.2.52
linux linux kernel 2.6.19.5
linux linux kernel 2.4.36.5
intel e1000 5.2.22
intel e1000 7.1.9
linux linux kernel 2.6.22.2
linux linux kernel 2.6.29.rc2
linux linux kernel 2.2.27
linux linux kernel 2.6.22.19
linux linux kernel 2.6.24.3
linux linux kernel 2.6.22_rc1
linux linux kernel 2.6.29.rc2-git1
linux linux kernel 2.6.25.14
linux linux kernel 2.6.26.4
intel e1000 7.2.7
intel e1000 6.0.60
linux linux kernel 2.6.23.11
linux linux kernel 2.6.22.14
linux linux kernel 2.6

Igor Zhbanov discovered that NFS clients were able to create device nodes even when root_squash was enabled An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges Only Ubuntu 810 and 904 were affected (CVE-2009-1072) ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1385 Neil Horman discovered a missing fix from the e1000 network driver A remote user may cause a denial of service by w ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix several security issues and several bugsare now available for Red Hat Enterprise Linux 5This update has been rated as having important security impact by the RedHat Secur ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix several security issues and various bugsare now available for Red Hat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Secur ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel packages that fix multiple security issues and several bugsare now available for Red Hat Enterprise Linux 52 Extended Update SupportThis update has been rated as having important security ...

CWE-189 http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302 http://secunia.com/advisories/35265 https://bugzilla.redhat.com/show_bug.cgi?id=502981 http://www.securityfocus.com/bid/35185 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc8 http://www.openwall.com/lists/oss-security/2009/06/03/2 http://osvdb.org/54892 http://www.mandriva.com/security/advisories?name=MDVSA-2009:135 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01048.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01094.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01193.html http://www.intel.com/support/network/sb/CS-030543.htm http://secunia.com/advisories/35566 http://secunia.com/advisories/35623 http://www.redhat.com/support/errata/RHSA-2009-1157.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:148 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html http://www.debian.org/security/2009/dsa-1844 http://secunia.com/advisories/36051 http://wiki.rpath.com/Advisories:rPSA-2009-0111 http://secunia.com/advisories/36131 http://secunia.com/advisories/35847 http://www.redhat.com/support/errata/RHSA-2009-1193.html http://secunia.com/advisories/36327 http://www.debian.org/security/2009/dsa-1865 https://rhn.redhat.com/errata/RHSA-2009-1550.html http://www.vupen.com/english/advisories/2009/3316 http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://secunia.com/advisories/37471 http://www.ubuntu.com/usn/usn-793-1 http://secunia.com/advisories/35656 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8340 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11681 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11598 http://www.securityfocus.com/archive/1/512019/100/0/threaded http://www.securityfocus.com/archive/1/507985/100/0/threaded http://www.securityfocus.com/archive/1/505254/100/0/threaded http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea30e11970a96cfe5e32c03a29332554573b4a10 https://usn.ubuntu.com/793-1/https://nvd.nist.gov

Get Started

CVE-2009-1385

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect