Summary: | Kernel: appletalk IP-over-DDP DoS (CVE-2009-2903) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Kernel | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hardened-kernel+disabled, kernel |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git;a=commit;h=ffcfb8db540ff879c2a85bf7e404954281443414 | ||
Whiteboard: | [linux <2.6.31] | ||
Package list: | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2009-09-14 10:42:16 UTC
CVE-2009-2903 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2903): Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. |