CVE-2009-2903

Sažetak

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

Reference

http://www.securityfocus.com/bid/36379
http://secunia.com/advisories/36707
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
https://bugzilla.redhat.com/show_bug.cgi?id=522331
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://secunia.com/advisories/37909
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/37105
http://www.ubuntu.com/usn/USN-852-1
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

13-02-2023 - 01:17

Objavljeno

15-09-2009 - 22:30