PT-2009-6738 · Suse+3 · Suse Linux Enterprise+3

Julien Tinnes

+1

·

Publicado

1970-01-01

·

Atualizado

2026-02-10

·

CVE-2009-2698

CVSS v2.0

7.2

Alta

VetorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise (affected versions not specified) Linux kernel versions prior to 2.6.19
Description The issue allows local users to gain privileges or cause a denial of service via vectors involving the MSG MORE flag and a UDP socket. This can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out locally.
Recommendations For Linux kernel versions prior to 2.6.19, update to a version 2.6.19 or later to resolve the issue. At the moment, there is no information about a newer version of SUSE Linux Enterprise that contains a fix for this vulnerability.

Exploit

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

BDU:2015-04183
BDU:2015-04184
BDU:2015-04185
BDU:2015-04186
BDU:2015-04187
BDU:2015-04188
BDU:2015-04189
BDU:2015-04190
BDU:2015-04191
BDU:2015-04192
BDU:2015-04193
BDU:2015-04194
BDU:2015-04195
BDU:2015-04196
BDU:2015-04197
BDU:2015-04198
CVE-2009-2698
DSA-1872-1
RHSA-2009:1222
RHSA-2009:1223
RHSA-2009:1233
RHSA-2009:1457
RHSA-2009:1469
RHSA-2009_1222
RHSA-2009_1223

Produtos afetados

Linux Kernel
Red Hat
Suse Linux Enterprise
Vmware Vcenter