CVE-2009-4536
The MITRE CVE dictionary describes this issue as:
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.
Find out more about CVE-2009-4536 from the MITRE CVE dictionary dictionary and NIST NVD.
CVSS v2 metrics
| Base Score | 6.8 |
|---|---|
| Base Metrics | AV:A/AC:L/Au:N/C:N/I:P/A:C |
| Access Vector | Adjacent Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | Complete |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 4 (kernel) | RHSA-2010:0020 | 2010-01-08 |
| MRG Grid for RHEL 5 Server (kernel-rt) | RHSA-2010:0041 | 2010-01-21 |
| Red Hat Enterprise Linux 5 (kernel) | RHSA-2010:0019 | 2010-01-07 |
| Red Hat Enterprise Virtualization Hypervisor 5 (rhev-hypervisor) | RHSA-2010:0095 | 2010-02-09 |
| Red Hat Enterprise Linux Extended Update Support 4.7 (kernel) | RHSA-2010:0111 | 2010-02-16 |
| Red Hat Enterprise Linux Extended Lifecycle Support 3 (kernel) | RHSA-2010:0882 | 2010-11-12 |
| Red Hat Enterprise Linux EUS (v. 5.3 server) (kernel) | RHSA-2010:0053 | 2010-01-20 |
| Red Hat Enterprise Linux EUS (v. 5.2 server) (kernel) | RHSA-2010:0079 | 2010-02-02 |
CVE description copyright © 2017, The MITRE Corporation