Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2009-4537

Disclosure Date: January 12, 2010
CVE-2009-4537
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing ‘\0’ characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • debian,
  • linux

Products

  • debian linux 5.0,
  • linux kernel

References

Canonical
CVE-2009-4537 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4537)
BID-37521 (http://www.securityfocus.com/bid/37521)
Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=550907
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439
http://www.redhat.com/support/errata/RHSA-2010-0111.html
SECTRACK-1023419 (http://securitytracker.com/id?1023419)
http://www.redhat.com/support/errata/RHSA-2010-0053.html
[linux-netdev] 20091228 [PATCH RFC] r8169: straighten out overlength frame detection (http://marc.info?l=linux-netdev&m=126202972828626&w=2)
http://www.redhat.com/support/errata/RHSA-2010-0019.html
SECUNIA-40645 (http://secunia.com/advisories/40645)
XF-kernel-r8169-dos(55647) (https://exchange.xforce.ibmcloud.com/vulnerabilities/55647)
[oss-security] 20091228 CVE requests - kernel security regressions for CVE-2009-1385/and -1389 (http://www.openwall.com/lists/oss-security/2009/12/28/1)
FEDORA-2010-1787 (http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html)
[oss-security] 20091229 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 (http://www.openwall.com/lists/oss-security/2009/12/29/2)
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
https://rhn.redhat.com/errata/RHSA-2010-0095.html
SECUNIA-39742 (http://secunia.com/advisories/39742)
[oss-security] 20091231 Re: CVE requests - kernel security regressions for CVE-2009-1385/and -1389 (http://www.openwall.com/lists/oss-security/2009/12/31/1)
http://www.redhat.com/support/errata/RHSA-2010-0020.html
SECUNIA-38031 (http://secunia.com/advisories/38031)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443
SECUNIA-38610 (http://secunia.com/advisories/38610)
DSA-2053 (http://www.debian.org/security/2010/dsa-2053)
http://marc.info?t=126202986900002&r=1&w=2
SECUNIA-39830 (http://secunia.com/advisories/39830)
http://www.redhat.com/support/errata/RHSA-2010-0041.html
ADV-2010-1857 (http://www.vupen.com/english/advisories/2010/1857)
Miscellaneous
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
http://twitter.com/dakami/statuses/7104238406

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis