CVE-2009-4536

Published: 12/01/2010 Updated: 16/11/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and previous versions handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote malicious users to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.

Vulnerable Product

linux linux kernel

debian debian linux 4.0

debian debian linux 5.0

Vendor Advisories

Amerigo Wang and Eric Sesterhenn discovered that the HFS and ext4 filesystems did not correctly check certain disk structures. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could crash the system or gain root privileges (CVE-2009-4020, CVE-2009-4308) ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Securit ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support. This update has been rated as having important security imp ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.2 Extended Update Support. This update has been rated as having important security ...
NOTE: This kernel update marks the final planned kernel security update for the 2.6.18 kernel in the Debian release 'etch'. Although security support for 'etch' officially ended on February 15th, 2010, this update was already in preparation before that date. A final update that includes fixes for these issues in the 2.6.24 kernel is also in prepara ...
NOTE: This kernel update marks the final planned kernel security update for the 2.6.24 kernel in the Debian release 'etch'. Although security support for 'etch' officially ended on February 15th, 2010, this update was already in preparation before that date. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial ...

References

CWE-189
http://secunia.com/advisories/38031
https://bugzilla.redhat.com/show_bug.cgi?id=552126
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/
http://secunia.com/advisories/35265
http://www.securityfocus.com/bid/37519
http://www.openwall.com/lists/oss-security/2009/12/29/2
http://www.redhat.com/support/errata/RHSA-2010-0020.html
http://www.redhat.com/support/errata/RHSA-2010-0019.html
http://securitytracker.com/id?1023420
http://marc.info/?t=126203102000001&r=1&w=2
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
http://www.openwall.com/lists/oss-security/2009/12/31/1
http://www.openwall.com/lists/oss-security/2009/12/28/1
http://www.redhat.com/support/errata/RHSA-2010-0041.html
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.redhat.com/support/errata/RHSA-2010-0111.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
http://www.debian.org/security/2010/dsa-1996
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
http://secunia.com/advisories/38492
http://secunia.com/advisories/38276
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html
http://secunia.com/advisories/38296
http://www.debian.org/security/2010/dsa-2005
http://www.redhat.com/support/errata/RHSA-2010-0053.html
http://secunia.com/advisories/38610
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
http://secunia.com/advisories/38779
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/55648
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607
https://usn.ubuntu.com/894-1/
https://nvd.nist.gov