CVE-2009-4538

Name of the Vulnerable Software and Affected Versions openSUSE kernel-ps3-debuginfo versions (affected versions not specified) openSUSE kernel-ps3-debugsource versions (affected versions not specified) Linux kernel version 2.6.32.3 and earlier

Description The issue affects the Linux kernel and openSUSE operating system, involving multiple vulnerabilities in the kernel-ps3-debuginfo and kernel-ps3-debugsource packages. These vulnerabilities can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. The e1000e driver in the Linux kernel does not properly check the size of an Ethernet frame that exceeds the MTU, allowing remote attackers to have an unspecified impact via crafted packets.

Recommendations For openSUSE kernel-ps3-debuginfo, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For openSUSE kernel-ps3-debugsource, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Linux kernel version 2.6.32.3 and earlier, consider updating to a version later than 2.6.32.3 to resolve the issue. As a temporary workaround, consider restricting access to the e1000e driver to minimize the risk of exploitation.