oss-sec mailing list archives
CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service
From: Eugene Teo <eugene () redhat com>
Date: Wed, 03 Jun 2009 10:06:54 +0800
e1000 has an issue in which a partial frame can leak through validation check on reception. This can lead to an underflow in the length computation of the frame which will panic the system in question. This bug was discovered and fixed in e1000-7.5.5 since April 2007, but was somehow not merged in the upstream kernel... http://sourceforge.net/project/shownotes.php?release_id=504022&group_id=42302 Notes: * fix panic on changing MTU under stress [...] References: http://sourceforge.net/projects/e1000 http://git.kernel.org/linus/ea30e11970a96cfe5e32c03a29332554573b4a10 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1385 Thanks, Eugene
Current thread:
- CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service Eugene Teo (Jun 02)