CVE-2009-2698 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2009-2698
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2009-2698

Description: The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00008.html ST 1022761 SAID Secunia Advisory: SA23073 Secunia Advisory: SA36430 Secunia Advisory: SA36510 Secunia Advisory: SA37298 Secunia Advisory: SA37471 REDHAT http://rhn.redhat.com/errata/RHSA-2009-1222.html http://rhn.redhat.com/errata/RHSA-2009-1223.html http://www.redhat.com/support/errata/RHSA-2009-1233.html MLIST http://www.openwall.com/lists/oss-security/2009/08/25/1 CONFIRM http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 http://support.avaya.com/css/P8/documents/100067254 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1e0c14f49d6b393179f423abbac47f85618d3d46 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded BID 36108

Return to the previous page.