Lucene search

K

[email protected]NVD:CVE-2009-4538

HistoryJan 12, 2010 - 5:30 p.m.

CVE-2009-4538

2010-01-1217:30:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.2%

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤2.6.32.3

Node

debiandebian_linuxMatch4.0

OR

debiandebian_linuxMatch5.0

References

lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html

lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html

lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html

lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html

secunia.com/advisories/38031

secunia.com/advisories/38276

secunia.com/advisories/38296

secunia.com/advisories/38492

secunia.com/advisories/38610

secunia.com/advisories/38779

securitytracker.com/id?1023420

www.debian.org/security/2010/dsa-1996

www.debian.org/security/2010/dsa-2005

www.mandriva.com/security/advisories?name=MDVSA-2010:066

www.openwall.com/lists/oss-security/2009/12/28/1

www.openwall.com/lists/oss-security/2009/12/29/2

www.openwall.com/lists/oss-security/2009/12/31/1

www.redhat.com/support/errata/RHSA-2010-0019.html

www.redhat.com/support/errata/RHSA-2010-0020.html

www.redhat.com/support/errata/RHSA-2010-0041.html

www.redhat.com/support/errata/RHSA-2010-0053.html

www.redhat.com/support/errata/RHSA-2010-0111.html

www.securityfocus.com/bid/37523

bugzilla.redhat.com/show_bug.cgi?id=551214

exchange.xforce.ibmcloud.com/vulnerabilities/55645

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702

rhn.redhat.com/errata/RHSA-2010-0095.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.2%

Related for NVD:CVE-2009-4538

cvelist2 prion2 cve2 nessus55 openvas67 redhat12 ubuntucve2 oraclelinux3 centos4 securityvulns5 f52 veracode2 seebug2 nvd1 fedora11 suse10 ubuntu3 osv3 debian3 vmware2