Oval Definition:oval:org.mitre.oval:def:9439
Revision Date:2013-04-29Version:12
Title:drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.
Description:drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-4537
Platform(s):CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • kernel-xenU is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-hugemem is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-hugemem-devel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-xenU-devel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-smp-devel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-largesmp-devel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-devel is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-doc is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-largesmp is earlier than 0:2.6.9-89.0.19.EL
  • OR kernel-smp is earlier than 0:2.6.9-89.0.19.EL
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • kernel-kdump is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-debug is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-xen is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-headers is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-kdump-devel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-xen-devel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-PAE-devel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-devel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-PAE is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-debug-devel is earlier than 0:2.6.18-164.10.1.el5
  • OR kernel-doc is earlier than 0:2.6.18-164.10.1.el5
    • BACK