| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability alert CVE-2009-1389
Linux kernel: denial of service via rtl8169
Synthesis of the vulnerability
| An attacker can send a long packet in order to stop systems with the rtl8169 driver. |
Severity: 2/4.
Creation date: 10/06/2009.
|
Description of the vulnerability
The rtl8169 driver implements the support of network adapters of the Realtek RTL81xx suite. These adapters can receive Ethernet frames with a size of 16383 bytes (jumbo frames).
However, the rtl8169 driver only supports 1500 bytes. Longer frames generate an overflow.
An attacker located on a network supporting jumbo frames can therefore send a long frame in order to generate a denial of service, and possibly to execute code. |
Complete Vigil@nce bulletin
Characteristics
Title: Linux kernel: denial of service via rtl8169.
Keywords: 1500 16383 Ethernet Linux RTL81xx Realtek denial kernel rtl8169 service.
Identifiers: BID-35281, CTX123192, CTX123453, CTX123673, CVE-2009-1389, DSA 1844-1, DSA 1865-1, FEDORA-2009-6768, FEDORA-2009-6846, FEDORA-2009-6883, MDVSA-2009:148, RHSA-2009:1157-01, RHSA-2009:1193-01, RHSA-2009:1211-01, RHSA-2009:1457-01, RHSA-2009:1469-01, SUSE-SA:2009:038, SUSE-SA:2009:045, SUSE-SA:2010:031, VIGILANCE-VUL-8786, VMSA-2009-0016, VMSA-2009-0016.1, VMSA-2009-0016.2, VMSA-2009-0016.3, VMSA-2009-0016.4, VMSA-2009-0016.5.
|
Information sources
Solutions for this vulnerability
Supplements
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Systems vulnerabilities
|
