The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
28 Dec 2023, 15:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:vcenter_server:4.0:-:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:* cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:4.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:* |
|
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1e0c14f49d6b393179f423abbac47f85618d3d46 - Broken Link | |
References | () http://rhn.redhat.com/errata/RHSA-2009-1222.html - Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2009-1223.html - Third Party Advisory | |
References | () http://secunia.com/advisories/23073 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/36430 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/36510 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37105 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37298 - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/37471 - Broken Link, Vendor Advisory | |
References | () http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19 - Broken Link, Vendor Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 - Broken Link, Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2009-1233.html - Broken Link, Third Party Advisory | |
References | () http://www.securityfocus.com/archive/1/507985/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/512019/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/36108 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1022761 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11514 - Broken Link, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8557 - Broken Link, Third Party Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9142 - Broken Link, Third Party Advisory | |
First Time |
Vmware vcenter Server
Redhat enterprise Linux Eus Redhat Redhat enterprise Linux Server Redhat enterprise Linux Desktop Fedoraproject fedora Vmware Vmware esxi Fedoraproject Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation |
|
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
07 Nov 2023, 02:04
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2009-08-27 17:30
Updated : 2023-12-28 15:22
NVD link : CVE-2009-2698
Mitre link : CVE-2009-2698
CVE.ORG link : CVE-2009-2698
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_eus
suse
- linux_enterprise_server
- linux_enterprise_desktop
vmware
- esxi
- vcenter_server
linux
- linux_kernel
canonical
- ubuntu_linux
fedoraproject
- fedora
CWE
CWE-476
NULL Pointer Dereference