Numeric Errors

CVE-2009-4536

High

7.8/10

Summary

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: COMPLETE

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

Published Jan 12, 2010

Numeric Errors

CVE-2009-4536

Summary

CWE-189 - Numeric Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS