CVE-2009-3613

2009-10-1920:00:00

CWE-399

[email protected]

web.nvd.nist.gov

swiotlb

r8169 driver

denial of service

iommu

cve-2009-3613

linux kernel

5.5 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.073 Low

EPSS

Percentile

94.0%

JSON

The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.27.12
linux:linux_kernellinux linux kerneleq2.6.20.6
linux:linux_kernellinux linux kerneleq2.6.20.9
linux:linux_kernellinux linux kerneleq2.6.26
linux:linux_kernellinux linux kerneleq2.6.18
linux:linux_kernellinux linux kerneleq2.6.11
linux:linux_kernellinux linux kerneleq2.6.23.4
linux:linux_kernellinux linux kerneleq2.6.22.15
linux:linux_kernellinux linux kerneleq2.6.16.16
linux:linux_kernellinux linux kerneleq2.6.18.7

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.27.12
linux:linux_kernel	linux linux kernel	eq	2.6.20.6
linux:linux_kernel	linux linux kernel	eq	2.6.20.9
linux:linux_kernel	linux linux kernel	eq	2.6.26
linux:linux_kernel	linux linux kernel	eq	2.6.18
linux:linux_kernel	linux linux kernel	eq	2.6.11
linux:linux_kernel	linux linux kernel	eq	2.6.23.4
linux:linux_kernel	linux linux kernel	eq	2.6.22.15
linux:linux_kernel	linux linux kernel	eq	2.6.16.16
linux:linux_kernel	linux linux kernel	eq	2.6.18.7