CVE - CVE-2009-3613

CVE-ID
CVE-2009-3613	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:36706 URL:http://www.securityfocus.com/bid/36706 MISC:37909 URL:http://secunia.com/advisories/37909 MISC:38794 URL:http://secunia.com/advisories/38794 MISC:38834 URL:http://secunia.com/advisories/38834 MISC:ADV-2010-0528 URL:~~http://www.vupen.com/english/advisories/2010/0528~~ (Obsolete source) MISC:RHSA-2009:1540 URL:https://rhn.redhat.com/errata/RHSA-2009-1540.html MISC:RHSA-2009:1548 URL:https://rhn.redhat.com/errata/RHSA-2009-1548.html MISC:RHSA-2009:1671 URL:http://www.redhat.com/support/errata/RHSA-2009-1671.html MISC:SUSE-SA:2009:064 URL:http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html MISC:USN-864-1 URL:http://www.ubuntu.com/usn/usn-864-1 MISC:[oss-security] 20091015 Re: CVE request kernel: flood ping cause URL:http://marc.info/?l=oss-security&m=125561712529352&w=2 MISC:[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates URL:http://lists.vmware.com/pipermail/security-announce/2010/000082.html MISC:http://bugzilla.kernel.org/show_bug.cgi?id=9468 URL:http://bugzilla.kernel.org/show_bug.cgi?id=9468 MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97d477a914b146e7e6722ded21afa79886ae8ccd URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=97d477a914b146e7e6722ded21afa79886ae8ccd MISC:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a866bbf6aacf95f849810079442a20be118ce905 URL:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a866bbf6aacf95f849810079442a20be118ce905 MISC:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22 URL:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.22 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=529137 URL:https://bugzilla.redhat.com/show_bug.cgi?id=529137 MISC:oval:org.mitre.oval:def:10209 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10209 MISC:oval:org.mitre.oval:def:7377 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7377
Assigning CNA
Red Hat, Inc.
Date Record Created
20091009	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20091009)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.