Detections
Analytics
CVE-2009-4138
medium
Description
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.
References
https://rhn.redhat.com/errata/RHSA-2010-0095.html
https://rhn.redhat.com/errata/RHSA-2010-0046.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9527
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7376
https://bugzilla.redhat.com/show_bug.cgi?id=547236
http://www.securityfocus.com/bid/37339
http://www.openwall.com/lists/oss-security/2009/12/15/1
http://www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git9.log
http://www.debian.org/security/2010/dsa-2005
http://support.avaya.com/css/P8/documents/100073666
http://secunia.com/advisories/38276
http://secunia.com/advisories/38017
http://patchwork.kernel.org/patch/66747/
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html