CVE-2009-4537 (GCVE-0-2009-4537)
Vulnerability from cvelistv5 – Published: 2010-01-12 17:00 – Updated: 2024-08-07 07:08
VLAI?
Summary
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.104Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550907"
},
{
"name": "37521",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37521"
},
{
"name": "SUSE-SA:2010:031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
},
{
"name": "oval:org.mitre.oval:def:9439",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439"
},
{
"name": "RHSA-2010:0111",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0111.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/"
},
{
"name": "1023419",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023419"
},
{
"name": "RHSA-2010:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0053.html"
},
{
"name": "[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-netdev\u0026m=126202972828626\u0026w=2"
},
{
"name": "RHSA-2010:0019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0019.html"
},
{
"name": "40645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40645"
},
{
"name": "kernel-r8169-dos(55647)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55647"
},
{
"name": "[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/28/1"
},
{
"name": "FEDORA-2010-1787",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name": "[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/29/2"
},
{
"name": "SUSE-SA:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2010_23_kernel.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html"
},
{
"name": "RHSA-2010:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "39742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39742"
},
{
"name": "[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/31/1"
},
{
"name": "RHSA-2010:0020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0020.html"
},
{
"name": "38031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38031"
},
{
"name": "oval:org.mitre.oval:def:7443",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443"
},
{
"name": "38610",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38610"
},
{
"name": "DSA-2053",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://twitter.com/dakami/statuses/7104238406"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://marc.info/?t=126202986900002\u0026r=1\u0026w=2"
},
{
"name": "39830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39830"
},
{
"name": "RHSA-2010:0041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name": "ADV-2010-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing \u0027\\0\u0027 characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550907"
},
{
"name": "37521",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37521"
},
{
"name": "SUSE-SA:2010:031",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
},
{
"name": "oval:org.mitre.oval:def:9439",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439"
},
{
"name": "RHSA-2010:0111",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0111.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/"
},
{
"name": "1023419",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023419"
},
{
"name": "RHSA-2010:0053",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0053.html"
},
{
"name": "[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-netdev\u0026m=126202972828626\u0026w=2"
},
{
"name": "RHSA-2010:0019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0019.html"
},
{
"name": "40645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40645"
},
{
"name": "kernel-r8169-dos(55647)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55647"
},
{
"name": "[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/28/1"
},
{
"name": "FEDORA-2010-1787",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name": "[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/29/2"
},
{
"name": "SUSE-SA:2010:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2010_23_kernel.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html"
},
{
"name": "RHSA-2010:0095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "39742",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39742"
},
{
"name": "[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/12/31/1"
},
{
"name": "RHSA-2010:0020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0020.html"
},
{
"name": "38031",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38031"
},
{
"name": "oval:org.mitre.oval:def:7443",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443"
},
{
"name": "38610",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38610"
},
{
"name": "DSA-2053",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://twitter.com/dakami/statuses/7104238406"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://marc.info/?t=126202986900002\u0026r=1\u0026w=2"
},
{
"name": "39830",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39830"
},
{
"name": "RHSA-2010:0041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name": "ADV-2010-1857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing \u0027\\0\u0027 characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=550907",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550907"
},
{
"name": "37521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37521"
},
{
"name": "SUSE-SA:2010:031",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
},
{
"name": "oval:org.mitre.oval:def:9439",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439"
},
{
"name": "RHSA-2010:0111",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0111.html"
},
{
"name": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/",
"refsource": "MISC",
"url": "http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/"
},
{
"name": "1023419",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023419"
},
{
"name": "RHSA-2010:0053",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0053.html"
},
{
"name": "[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev\u0026m=126202972828626\u0026w=2"
},
{
"name": "RHSA-2010:0019",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0019.html"
},
{
"name": "40645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40645"
},
{
"name": "kernel-r8169-dos(55647)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55647"
},
{
"name": "[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/28/1"
},
{
"name": "FEDORA-2010-1787",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html"
},
{
"name": "[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/29/2"
},
{
"name": "SUSE-SA:2010:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2010_23_kernel.html"
},
{
"name": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "39742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39742"
},
{
"name": "[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/12/31/1"
},
{
"name": "RHSA-2010:0020",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0020.html"
},
{
"name": "38031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38031"
},
{
"name": "oval:org.mitre.oval:def:7443",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443"
},
{
"name": "38610",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38610"
},
{
"name": "DSA-2053",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"name": "http://twitter.com/dakami/statuses/7104238406",
"refsource": "MISC",
"url": "http://twitter.com/dakami/statuses/7104238406"
},
{
"name": "http://marc.info/?t=126202986900002\u0026r=1\u0026w=2",
"refsource": "CONFIRM",
"url": "http://marc.info/?t=126202986900002\u0026r=1\u0026w=2"
},
{
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
},
{
"name": "RHSA-2010:0041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0041.html"
},
{
"name": "ADV-2010-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4537",
"datePublished": "2010-01-12T17:00:00.000Z",
"dateReserved": "2009-12-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:08:38.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…