Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-4538
HistoryJan 12, 2010 - 12:00 a.m.

CVE-2009-4538

2010-01-1200:00:00
ubuntu.com
ubuntu.com
27

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.039

Percentile

92.2%

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel
2.6.32.3 and earlier does not properly check the size of an Ethernet frame
that exceeds the MTU, which allows remote attackers to have an unspecified
impact via crafted packets, a related issue to CVE-2009-4537.

Bugs

Notes

Author Note
mdeslaur same patch as CVE-2009-4536, but applied to e1000e
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-27.65UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-17.45UNKNOWN
ubuntu9.04noarchlinux< 2.6.28-18.59UNKNOWN
ubuntu9.10noarchlinux< 2.6.31-19.56UNKNOWN

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.039

Percentile

92.2%