CVE-2009-4536

Priority
Medium
Description
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel
2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by
processing certain trailing payload data as if it were a complete frame,
which allows remote attackers to bypass packet filters via a large packet
with a crafted payload. NOTE: this vulnerability exists because of an
incorrect fix for CVE-2009-1385.
References
Bugs
Assigned-to
ogasawara
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-27.65)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:28 UTC (commit 5347)