CVE-2009-4538

critical

Description

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

References

https://rhn.redhat.com/errata/RHSA-2010-0095.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016

https://exchange.xforce.ibmcloud.com/vulnerabilities/55645

https://bugzilla.redhat.com/show_bug.cgi?id=551214

http://www.securityfocus.com/bid/37523

http://www.redhat.com/support/errata/RHSA-2010-0111.html

http://www.redhat.com/support/errata/RHSA-2010-0053.html

http://www.redhat.com/support/errata/RHSA-2010-0041.html

http://www.redhat.com/support/errata/RHSA-2010-0020.html

http://www.redhat.com/support/errata/RHSA-2010-0019.html

http://www.openwall.com/lists/oss-security/2009/12/31/1

http://www.openwall.com/lists/oss-security/2009/12/29/2

http://www.openwall.com/lists/oss-security/2009/12/28/1

http://www.mandriva.com/security/advisories?name=MDVSA-2010:066

http://www.debian.org/security/2010/dsa-2005

http://www.debian.org/security/2010/dsa-1996

http://securitytracker.com/id?1023420

http://secunia.com/advisories/38779

http://secunia.com/advisories/38610

http://secunia.com/advisories/38492

http://secunia.com/advisories/38296

http://secunia.com/advisories/38276

http://secunia.com/advisories/38031

http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html

Details

Source: Mitre, NVD

Published: 2010-01-12

Updated: 2018-11-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Severity: Critical