AI Score: 6.6 Medium (Confidence: High)
CVSS2: 4.7 Medium (AV:L/AC:M/Au:N/C:N/I:N/A:C)
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
EPSS: 0.0004 Low (Percentile: 8.3%)
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8c0c0cc2d9f4c523fde04bdfe41e4380dec8ee54
lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
patchwork.kernel.org/patch/66747/
secunia.com/advisories/38017
secunia.com/advisories/38276
support.avaya.com/css/P8/documents/100073666
www.debian.org/security/2010/dsa-2005
www.kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.32-git9.log
www.openwall.com/lists/oss-security/2009/12/15/1
www.securityfocus.com/bid/37339
bugzilla.redhat.com/show_bug.cgi?id=547236
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7376
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9527
rhn.redhat.com/errata/RHSA-2010-0046.html
rhn.redhat.com/errata/RHSA-2010-0095.html