Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-3613 | First vendor Publication | 2009-10-19 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:13588 | |||
| Oval ID: | oval:org.mitre.oval:def:13588 | ||
| Title: | DSA-1915-1 linux-2.6 -- privilege escalation/denial of service/sensitive memory leak | ||
| Description: | Notice: Debian 5.0.4, the next point release of Debian "lenny", will include a new default value for the mmap_min_addr tunable. This change will add an additional safeguard against a class of security vulnerabilities known as "NULL pointer dereference" vulnerabilities, but it will need to be overridden when using certain applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-2695 Eric Paris provided several fixes to increase the protection provided by the mmap_min_addr tunable against NULL pointer dereference vulnerabilities. CVE-2009-2903 Mark Smith discovered a memory leak in the appletalk implementation. When the appletalk and ipddp modules are loaded, but no ipddp"N" device is found, remote attackers can cause a denial of service by consuming large amounts of system memory. CVE-2009-2908 Loic Minier discovered an issue in the eCryptfs filesystem. A local user can cause a denial of service by causing a dentry value to go negative. CVE-2009-2909 Arjan van de Ven discovered an issue in the AX.25 protocol implementation. A specially crafted call to setsockopt can result in a denial of service. CVE-2009-2910 Jan Beulich discovered the existence of a sensitive kernel memory leak. Systems running the "amd64" kernel do not properly sanitise registers for 32-bit processes. CVE-2009-3001 Jiri Slaby fixed a sensitive memory leak issue in the ANSI/IEEE 802.2 LLC implementation. This is not exploitable in the Debian lenny kernel as root privileges are required to exploit this issue. CVE-2009-3002 Eric Dumazet fixed several sensitive memory leaks in the IrDA, X.25 PLP, NET/ROM, Acorn Econet/AUN, and Controller Area Network implementations. Local users can exploit these issues to gain access to kernel memory. CVE-2009-3286 Eric Paris discovered an issue with the NFSv4 server implementation. When an O_EXCL create fails, files may be left with corrupted permissions, possibly granting unintentional privileges to other local users. CVE-2009-3290 Jan Kiszka noticed that the kvm_emulate_hypercall function in KVM does not prevent access to MMU hypercalls from ring 0, which allows local guest OS users to cause a denial of service and read or write guest kernel memory. CVE-2009-3613 Alistair Strachan reported an issue in the r8169 driver. Remote users can cause a denial of service by transmitting a large amount of jumbo frames. For the stable distribution, this problem has been fixed in version 2.6.26-19lenny1. For the oldstable distribution, these problems, where applicable, will be fixed in updates to linux-2.6 and linux-2.6.24. We recommend that you upgrade your linux-2.6 and user-mode-linux packages. Note: Debian carefully tracks all known security issues across every linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update: Debian 5.0 user-mode-linux 2.6.26-1um-2+19lenny1 | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1915-1 CVE-2009-2695 CVE-2009-2903 CVE-2009-2908 CVE-2009-2909 CVE-2009-2910 CVE-2009-3001 CVE-2009-3002 CVE-2009-3286 CVE-2009-3290 CVE-2009-3613 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 5.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:29269 | |||
| Oval ID: | oval:org.mitre.oval:def:29269 | ||
| Title: | RHSA-2009:1548 -- kernel security and bug fix update (Important) | ||
| Description: | Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:1548 CESA-2009:1548-CentOS 5 CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kernel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:7377 | |||
| Oval ID: | oval:org.mitre.oval:def:7377 | ||
| Title: | Linux Kernel '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service Vulnerability | ||
| Description: | The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2009-3613 | Version: | 5 |
| Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1548 centos5 i386 File : nvt/gb_CESA-2009_1548_kernel_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for kernel CESA-2009:1671 centos4 i386 File : nvt/gb_CESA-2009_1671_kernel_centos4_i386.nasl |
| 2009-12-30 | Name : RedHat Security Advisory RHSA-2009:1671 File : nvt/RHSA_2009_1671.nasl |
| 2009-12-30 | Name : CentOS Security Advisory CESA-2009:1671 (kernel) File : nvt/ovcesa2009_1671.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1540 File : nvt/RHSA_2009_1540.nasl |
| 2009-11-11 | Name : RedHat Security Advisory RHSA-2009:1548 File : nvt/RHSA_2009_1548.nasl |
| 2009-11-11 | Name : Debian Security Advisory DSA 1928-1 (linux-2.6.24) File : nvt/deb_1928_1.nasl |
| 2009-11-11 | Name : CentOS Security Advisory CESA-2009:1548 (kernel) File : nvt/ovcesa2009_1548.nasl |
| 2009-10-27 | Name : Debian Security Advisory DSA 1915-1 (linux-2.6) File : nvt/deb_1915_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 59068 | Linux Kernel drivers/net/r8169.c r8169 Driver swiotlb Functionality Jumbo Fra... Linux Kernel Driver r8169 contains a flaw that may allow a remote denial of service. The issue is triggered when an error in the 'swiotlb' functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel occurs and will allow remote and local attackers to cause a denial or service attack that results in IOMMU space exhaustion and system crash by using jumbo frames for a large amount of network traffic, and will result in loss of availability for the platform. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-08 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO |
| 2016-03-08 | Name : The remote VMware ESX host is missing a security-related patch. File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO |
| 2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0033.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
| 2013-06-29 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
| 2013-03-06 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091103_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20091215_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6730.nasl - Type : ACT_GATHER_INFO |
| 2010-06-01 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO |
| 2010-03-05 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1915.nasl - Type : ACT_GATHER_INFO |
| 2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1928.nasl - Type : ACT_GATHER_INFO |
| 2009-12-23 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-6726.nasl - Type : ACT_GATHER_INFO |
| 2009-12-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
| 2009-12-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1671.nasl - Type : ACT_GATHER_INFO |
| 2009-12-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-869-1.nasl - Type : ACT_GATHER_INFO |
| 2009-12-07 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-864-1.nasl - Type : ACT_GATHER_INFO |
| 2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1550.nasl - Type : ACT_GATHER_INFO |
| 2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1548.nasl - Type : ACT_GATHER_INFO |
| 2009-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1541.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:10:11 |
|
| 2024-11-28 12:19:59 |
|
| 2024-08-02 12:12:16 |
|
| 2024-08-02 01:03:20 |
|
| 2024-02-02 01:11:45 |
|
| 2024-02-01 12:03:17 |
|
| 2023-09-05 12:11:00 |
|
| 2023-09-05 01:03:08 |
|
| 2023-09-02 12:11:06 |
|
| 2023-09-02 01:03:09 |
|
| 2023-08-12 12:13:03 |
|
| 2023-08-12 01:03:09 |
|
| 2023-08-11 12:11:08 |
|
| 2023-08-11 01:03:17 |
|
| 2023-08-06 12:10:43 |
|
| 2023-08-06 01:03:11 |
|
| 2023-08-04 12:10:48 |
|
| 2023-08-04 01:03:12 |
|
| 2023-07-14 12:10:45 |
|
| 2023-07-14 01:03:10 |
|
| 2023-03-29 01:12:19 |
|
| 2023-03-28 12:03:16 |
|
| 2023-02-13 09:29:17 |
|
| 2022-10-11 12:09:34 |
|
| 2022-10-11 01:02:59 |
|
| 2022-03-11 01:08:00 |
|
| 2021-05-04 12:10:18 |
|
| 2021-04-22 01:10:43 |
|
| 2020-08-08 01:04:36 |
|
| 2020-08-01 12:04:38 |
|
| 2020-07-30 01:04:46 |
|
| 2020-05-23 01:40:58 |
|
| 2020-05-23 00:24:26 |
|
| 2019-01-25 12:02:53 |
|
| 2018-10-30 12:03:05 |
|
| 2017-09-19 09:23:27 |
|
| 2016-08-05 12:02:14 |
|
| 2016-06-29 00:07:31 |
|
| 2016-06-28 17:51:41 |
|
| 2016-04-26 19:11:38 |
|
| 2016-03-09 13:25:54 |
|
| 2014-11-27 13:27:37 |
|
| 2014-02-17 10:51:57 |
|
| 2013-05-10 23:59:28 |
|
