| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability CVE-2009-2136
Solaris: denial of service via Gigabit Ethernet IPv4
Synthesis of the vulnerability
| A LAN attacker can send a Gigabit Ethernet frame in order to stop the system. |
Severity: 2/4.
Creation date: 19/06/2009.
|
Description of the vulnerability
The "ce" driver implements the support of Cassini Gigabit Ethernet network adapters. These adapters can receive jumbo Ethernet frames.
The IPv4 checksum is computed by the system or by the adapter.
An attacker can send a jumbo frame, where the data size is smaller than the frame size. The system then has to recompute the checksum because the "len" (length) field was updated in the packet. However, if the checksum was computed by the adapter, an error occurs in the ip_ocsum_long() assembler function when the system recomputes the checksum.
An attacker located on a network supporting jumbo frames can therefore send an invalid frame in order to generate a denial of service.
This vulnerability is similar to VIGILANCE-VUL-9004. |
Complete Vigil@nce bulletin
Characteristics
Title: Solaris: denial of service via Gigabit Ethernet IPv4.
Keywords: Cassini Ethernet Gigabit IPv4 LAN Solaris denial ip_ocsum_long service.
Identifiers: 257008, 6803523, BID-35439, CVE-2009-2136, VIGILANCE-VUL-8810.
Pointed by: VIGILANCE-VUL-9004.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins
|
