Home > Vulnerability Database > CVE-2009-4538

Mend.io Vulnerability Database

CVE-2009-4538

Date: January 12, 2010

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

Severity Score

9.8

Related Resources (34)

Url: http://secunia.com/advisories/38779

Url: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

Url: http://secunia.com/advisories/38276

Url: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html

Url: http://www.openwall.com/lists/oss-security/2009/12/31/1

Url: http://secunia.com/advisories/38610

Url: http://www.redhat.com/support/errata/RHSA-2010-0020.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7016

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-4538

Url: http://www.openwall.com/lists/oss-security/2009/12/28/1

Url: http://securitytracker.com/id?1023420

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/55645

Url: http://www.redhat.com/support/errata/RHSA-2010-0111.html

Url: http://www.openwall.com/lists/oss-security/2009/12/29/2

Url: http://www.debian.org/security/2010/dsa-2005

Url: http://www.redhat.com/support/errata/RHSA-2010-0053.html

Url: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html

Url: http://www.debian.org/security/2010/dsa-1996

Url: http://www.redhat.com/support/errata/RHSA-2010-0041.html

Url: http://www.redhat.com/support/errata/RHSA-2010-0019.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:066

Url: http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-4538

Url: http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html

Url: http://secunia.com/advisories/38296

Url: https://access.redhat.com/security/cve/CVE-2009-4538

Url: https://rhn.redhat.com/errata/RHSA-2010-0095.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9702

Url: http://www.securityfocus.com/bid/37523

Url: http://secunia.com/advisories/38492

Url: http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html

Url: http://secunia.com/advisories/38031

Url: https://bugzilla.redhat.com/show_bug.cgi?id=551214

Url: https://www.mend.io/vulnerability-database/CVE-2009-4538

Severity Score

9.8

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-4538

Date: January 12, 2010

Severity Score

Related Resources (34)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?