PT-2009-6755 · Linux+1 · Linux Kernel+1

Thomas Pollet

·

Published

1970-01-01

·

Updated

2012-03-23

·

CVE-2009-1265

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions openSUSE dazuko-kmp-debug (affected versions not specified) openSUSE kvm-kmp-trace (affected versions not specified) openSUSE ofed-kmp-debug (affected versions not specified) openSUSE aufs-kmp-debug (affected versions not specified) openSUSE kqemu-kmp-debug (affected versions not specified) openSUSE drbd-kmp-debug (affected versions not specified) openSUSE ofed-kmp-trace (affected versions not specified) openSUSE iscsitarget-kmp-trace (affected versions not specified) openSUSE pcfclock-kmp-trace (affected versions not specified) openSUSE intel-iamt-heci-kmp-debug (affected versions not specified) openSUSE kqemu-kmp-trace (affected versions not specified) openSUSE dazuko-kmp-trace (affected versions not specified) openSUSE drbd-kmp-trace (affected versions not specified) openSUSE iscsitarget-kmp-debug (affected versions not specified) openSUSE pcfclock-kmp-debug (affected versions not specified) openSUSE aufs-kmp-trace (affected versions not specified) openSUSE intel-iamt-heci-kmp-trace (affected versions not specified) Linux kernel versions prior to 2.6.30-rc1
Description The issue involves multiple vulnerabilities in various packages of the openSUSE operating system, which can lead to a disruption of protected information. These vulnerabilities can be exploited remotely. In the Linux kernel, an integer overflow in the rose sendmsg function might allow remote attackers to obtain sensitive information via a large length value.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

BDU:2015-05202
BDU:2015-05203
BDU:2015-05204
BDU:2015-05205
BDU:2015-05206
BDU:2015-05207
BDU:2015-05208
BDU:2015-05209
BDU:2015-05210
BDU:2015-05211
BDU:2015-05212
BDU:2015-05213
BDU:2015-05214
BDU:2015-05215
BDU:2015-05216
BDU:2015-05217
BDU:2015-05218
CVE-2009-1265
DSA-1787-1
DSA-1794-1
DSA-1800-1

Affected Products

Linux Kernel
Opensuse