PT-2009-6738 · Suse+3 · Suse Linux Enterprise+3

Julien Tinnes

+1

·

Published

1970-01-01

·

Updated

2026-02-10

·

CVE-2009-2698

CVSS v2.0

7.2

High

VectorAV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions SUSE Linux Enterprise (affected versions not specified) Linux kernel versions prior to 2.6.19
Description The issue allows local users to gain privileges or cause a denial of service via vectors involving the MSG MORE flag and a UDP socket. This can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of the issue can be carried out locally.
Recommendations For Linux kernel versions prior to 2.6.19, update to a version 2.6.19 or later to resolve the issue. At the moment, there is no information about a newer version of SUSE Linux Enterprise that contains a fix for this vulnerability.

Exploit

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2015-04183
BDU:2015-04184
BDU:2015-04185
BDU:2015-04186
BDU:2015-04187
BDU:2015-04188
BDU:2015-04189
BDU:2015-04190
BDU:2015-04191
BDU:2015-04192
BDU:2015-04193
BDU:2015-04194
BDU:2015-04195
BDU:2015-04196
BDU:2015-04197
BDU:2015-04198
CVE-2009-2698
DSA-1872-1
RHSA-2009:1222
RHSA-2009:1223
RHSA-2009:1233
RHSA-2009:1457
RHSA-2009:1469
RHSA-2009_1222
RHSA-2009_1223

Affected Products

Linux Kernel
Red Hat
Suse Linux Enterprise
Vmware Vcenter