Vulnerability CVE-2009-4537 - CERT Civis.Net

Vulnerability Name:

CVE-2009-4537 (CCN-55647)

Assigned:

2009-12-28

Published:

2009-12-28

Updated:

2018-11-16

Summary:

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register.
Note: this vulnerability exists because of an incorrect fix for CVE-2009-1389.

CVSS v3 Severity:

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

7.1 High (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)
5.3 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-20
CWE-682
CWE-119
CWE-119

Vulnerability Consequences:

Denial of Service

References:

Source: MISC
Type: Third Party Advisory
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/

Source: MITRE
Type: CNA
CVE-2009-4537

Source: MISC
Type: Third Party Advisory
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2010-1787

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2010:031

Source: MLIST
Type: Mailing List, Third Party Advisory
[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection

Source: CONFIRM
Type: Mailing List, Third Party Advisory
http://marc.info/?t=126202986900002&r=1&w=2

Source: CCN
Type: RHSA-2010-0019
Important: kernel security update

Source: CCN
Type: RHSA-2010-0020
Important: kernel security update

Source: CCN
Type: RHSA-2010-0041
Important: kernel-rt security and bug fix update

Source: CCN
Type: RHSA-2010-0053
Important: kernel security and bug fix update

Source: CCN
Type: RHSA-2010-0079
Important: kernel security and bug fix update

Source: CCN
Type: RHSA-2010-0095
Important: rhev-hypervisor security and bug fix update

Source: CCN
Type: RHSA-2010-0111
Important: kernel security update

Source: SECUNIA
Type: Third Party Advisory
38031

Source: SECUNIA
Type: Third Party Advisory
38610

Source: SECUNIA
Type: Third Party Advisory
39742

Source: SECUNIA
Type: Third Party Advisory
39830

Source: SECUNIA
Type: Third Party Advisory
40645

Source: CCN
Type: SECTRACK ID: 1023419
Linux Kernel Input Validation Flaw in Realtek r8169 Ethernet Driver Lets Remote Users Deny Service

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1023419

Source: MISC
Type: Third Party Advisory
http://twitter.com/dakami/statuses/7104238406

Source: DEBIAN
Type: Third Party Advisory
DSA-2053

Source: DEBIAN
Type: DSA-2053
linux-2.6 -- privilege escalation/denial of service/information leak

Source: CCN
Type: The Linux Kernel Archives Web site
The Linux Kernel

Source: SUSE
Type: Third Party Advisory
SUSE-SA:2010:023

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0019

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0020

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0041

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0053

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0111

Source: BID
Type: Third Party Advisory, VDB Entry
37521

Source: CCN
Type: BID-37521
Linux Kernel RTL8169 NIC 'RxMaxSize' Frame Size Remote Denial of Service Vulnerability

Source: VUPEN
Type: Third Party Advisory
ADV-2010-1857

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=550907

Source: CCN
Type: Red Hat Bugzilla Bug 551214
kernel: e1000e frame fragment issue

Source: XF
Type: Third Party Advisory, VDB Entry
kernel-r8169-dos(55647)

Source: XF
Type: UNKNOWN
kernel-r8169-dos(55647)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:7443

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:9439

Source: REDHAT
Type: Third Party Advisory
RHSA-2010:0095

Source: SUSE
Type: SUSE-SA:2010:005
Linux kernel security problems

Source: SUSE
Type: SUSE-SA:2010:023
Linux kernel security update

Source: SUSE
Type: SUSE-SA:2010:031
Linux kernel security update

Source: SUSE
Type: SUSE-SA:2010:036
Linux kernel security update

Source: SUSE
Type: SUSE-SA:2010:046
openSUSE 11.2 kernel security update

Vulnerable Configuration:

Configuration 1:

cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version <= 2.6.32.3)

Configuration 2:

cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:2.6.23:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*

OR cpe:/o:linux:kernel:2.6.24.7:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*

OR cpe:/o:linux:kernel:2.6.25.15:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.12::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.11::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.8::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.7::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.6::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.5::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.4::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.3::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.2::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.10::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.1::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25.9::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.25::x86_64:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.28:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:git1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:rc8-kk:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29:rc2_git7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.29.rc1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.30:rc7-git6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc6:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:-:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc7:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:rc8:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32:git-6:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.4.27:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.4.35:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.3.20:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.3.15:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.2.9:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.2.7:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.1.9:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.0.41:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:7.0.33:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:6.3.9:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:6.2.15:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:6.1.16:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:6.0.60:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:6.0.54:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.7.6:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.6.10:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.6.10.1:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.5.4:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.4.11:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.3.19:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.2.52:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.2.30.1:*:*:*:*:*:*:*

OR cpe:/a:intel:e1000:5.2.22:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*

OR cpe:/o:linux:linux_kernel:2.6.0:-:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20094537	V	CVE-2009-4537	2022-05-20
oval:org.opensuse.security:def:42338	P	Security update for wireshark (Moderate)	2022-02-14
oval:org.opensuse.security:def:31756	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:32240	P	Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31716	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:26181	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:31708	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:31707	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:32218	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26160	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:42135	P	Security update for dnsmasq (Moderate)	2021-10-27
oval:org.opensuse.security:def:31282	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:26139	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:32174	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:31259	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:32152	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31651	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:31208	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:31642	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:31197	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:36428	P	kernel-docs-3.0.101-63.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42571	P	kernel-default-3.0.101-63.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32113	P	Security update for qemu (Important)	2021-06-08
oval:org.opensuse.security:def:31196	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36164	P	kernel-default-3.0.101-63.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31631	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:31630	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:26055	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:26053	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:31616	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:32084	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:32895	P	Security update for cifs-utils (Moderate)	2021-04-13
oval:org.opensuse.security:def:32064	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:26213	P	Security update for evolution-data-server (Moderate)	2021-03-19
oval:org.opensuse.security:def:31351	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:33088	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:26199	P	Security update for ImageMagick (Moderate)	2021-02-25
oval:org.opensuse.security:def:26111	P	Security update for cups (Moderate)	2021-02-02
oval:org.opensuse.security:def:32016	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:25977	P	Security update for openssl-1_1 (Important)	2020-12-10
oval:org.opensuse.security:def:31563	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:32008	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:35573	P	kernel-default-2.6.32.12-0.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35728	P	kernel-default-3.0.13-0.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41980	P	kernel-default-2.6.32.12-0.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35931	P	kernel-default-3.0.76-0.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25280	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31414	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:32538	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25713	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26403	P	Security update for ffmpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25842	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32856	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25355	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26538	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25725	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31940	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26607	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26257	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:31042	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:25564	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:31806	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26445	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31398	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25917	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26695	P	fetchmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26930	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25124	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:31127	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:25705	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27391	P	e2fsprogs-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31410	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:32296	P	Security update for procmail (Moderate)	2020-12-01
oval:org.opensuse.security:def:25136	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25909	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25482	P	Security update for man (Moderate)	2020-12-01
oval:org.opensuse.security:def:26290	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32384	P	Security update for tiff (Low)	2020-12-01
oval:org.opensuse.security:def:32693	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25328	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31495	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:25997	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25557	P	Security update for transfig (Low)	2020-12-01
oval:org.opensuse.security:def:31765	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26392	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:26693	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25989	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25466	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:26489	P	Security update for php7-imagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25766	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26709	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25701	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:31795	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:27162	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25279	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25907	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32499	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26319	P	Security update for kde-cli-tools5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25803	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:25291	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31506	P	Security update for python27 (Important)	2020-12-01
oval:org.opensuse.security:def:32406	P	Security update for wavpack (Moderate)	2020-12-01
oval:org.opensuse.security:def:25714	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31848	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:26554	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26011	P	Security update for gwenhywfar (Moderate)	2020-12-01
oval:org.opensuse.security:def:31041	P	Security update for kdirstat	2020-12-01
oval:org.opensuse.security:def:25483	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:26573	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25789	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31997	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26656	P	zoo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26895	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31053	P	Security update for the Linux Kernel (Moderate)	2020-12-01
oval:org.opensuse.security:def:25621	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:31862	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26753	P	libmysqlclient15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31399	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25998	P	Security update for libreoffice (Important)	2020-12-01
oval:org.opensuse.security:def:31817	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:25125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25856	P	Security update for gd (Important)	2020-12-01
oval:org.opensuse.security:def:31950	P	Security update for grub2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27426	P	kernel-docs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25481	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31484	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:32345	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:32654	P	ed on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25200	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31408	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:25958	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:32450	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25493	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:26343	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:25900	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25978	P	Security update for tcpdump, libpcap (Moderate)	2020-12-01
oval:org.opensuse.security:def:25409	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:33127	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25685	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31852	P	Recommended udpate for SUSE Manager Client Tools (Low)	2020-12-01
oval:org.opensuse.security:def:26431	P	Security update for tor (Moderate)	2020-12-01
oval:org.opensuse.security:def:26728	P	kernel-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25550	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:27127	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25823	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:31861	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:26262	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25754	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:31972	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.mitre.oval:def:12434	P	USN-947-1 -- linux, linux-source-2.6.15 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13167	P	USN-947-2 -- linux regression	2014-06-30
oval:org.mitre.oval:def:13587	P	DSA-2053-1 linux-2.6 -- privilege escalation/denial of service/information leak	2014-06-23
oval:org.mitre.oval:def:22036	P	ELSA-2010:0019: kernel security update (Important)	2014-05-26
oval:org.mitre.oval:def:22178	P	RHSA-2010:0019: kernel security update (Important)	2014-02-24
oval:org.mitre.oval:def:7443	V	Linux Kernel RTL8169 NIC 'RxMaxSize' Frame Size Remote Denial of Service Vulnerability	2014-01-20
oval:org.mitre.oval:def:9439	V	drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.	2013-04-29
oval:org.debian:def:2053	V	privilege escalation/denial of service/information leak	2010-05-25
oval:com.redhat.rhsa:def:20100020	P	RHSA-2010:0020: kernel security update (Important)	2010-01-08
oval:com.redhat.rhsa:def:20100019	P	RHSA-2010:0019: kernel security update (Important)	2010-01-07