The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
21 Nov 2024, 01:05
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1e0c14f49d6b393179f423abbac47f85618d3d46 - Broken Link | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html - Mailing List, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2009-1222.html - Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2009-1223.html - Third Party Advisory | |
References | () http://secunia.com/advisories/23073 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/36430 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/36510 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37105 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37298 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37471 - Broken Link, Vendor Advisory | |
References | () http://support.avaya.com/css/P8/documents/100067254 - Third Party Advisory | |
References | () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 - Broken Link, Vendor Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 - Broken Link, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2009/08/25/1 - Mailing List | |
References | () http://www.redhat.com/support/errata/RHSA-2009-1233.html - Broken Link, Third Party Advisory | |
References | () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/512019/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/36108 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1022761 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-852-1 - Third Party Advisory | |
References | () http://www.vmware.com/security/advisories/VMSA-2009-0016.html - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2009/3316 - Permissions Required | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=518034 - Issue Tracking, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514 - Broken Link, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557 - Broken Link, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142 - Broken Link, Third Party Advisory |
28 Dec 2023, 15:22
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat
Vmware vcenter Server Redhat enterprise Linux Eus Redhat enterprise Linux Server Aus Redhat enterprise Linux Server Vmware Redhat enterprise Linux Desktop Fedoraproject Vmware esxi Fedoraproject fedora Redhat enterprise Linux Workstation |
|
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2009-1222.html - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/36510 - Broken Link, Vendor Advisory | |
References | (SECUNIA) http://secunia.com/advisories/37471 - Broken Link, Vendor Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557 - Broken Link, Third Party Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/37105 - Broken Link, Vendor Advisory | |
References | (CONFIRM) http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 - Broken Link, Vendor Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id?1022761 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/37298 - Broken Link, Vendor Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-1233.html - Broken Link, Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142 - Broken Link, Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514 - Broken Link, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/36108 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/512019/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 - Broken Link, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/36430 - Broken Link, Vendor Advisory | |
References | (SECUNIA) http://secunia.com/advisories/23073 - Broken Link, Vendor Advisory | |
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1e0c14f49d6b393179f423abbac47f85618d3d46 - Broken Link | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2009-1223.html - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:4.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
07 Nov 2023, 02:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2009-08-27 17:30
Updated : 2025-04-09 00:30
NVD link : CVE-2009-2698
Mitre link : CVE-2009-2698
CVE.ORG link : CVE-2009-2698
JSON object : View
Products Affected
redhat
- enterprise_linux_eus
- enterprise_linux_workstation
- enterprise_linux_server_aus
- enterprise_linux_desktop
- enterprise_linux_server
vmware
- esxi
- vcenter_server
suse
- linux_enterprise_server
- linux_enterprise_desktop
canonical
- ubuntu_linux
linux
- linux_kernel
fedoraproject
- fedora
CWE
CWE-476
NULL Pointer Dereference