CVE-2009-1389

CWE-119Buffer OverflowCWE-6828 documents6 sources
Severity
7.8HIGH
EPSS
7.8%
top 8.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelLinux Linux Kernel
Timeline
PublishedJun 16
Latest updateMay 2

Description

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDlinux/kernel2.6.24.7, 2.6.25.15+1
NVDlinux/linux_kernel253 versions+252

🔴Vulnerability Details

2
GHSA
GHSA-g3p7-2p6v-2v85: Buffer overflow in the RTL8169 NIC driver (drivers/net/r81692022-05-02
CVEList
CVE-2009-1389: Buffer overflow in the RTL8169 NIC driver (drivers/net/r81692009-06-16

📋Vendor Advisories

3
Red Hat
kernel: r8169 issue reported at 26c32009-12-28
Ubuntu
Linux kernel vulnerabilities2009-07-28
Red Hat
kernel: r8169: fix crash when large packets are received2009-02-14

💬Community

2
Bugzilla
CVE-2009-4537 kernel: r8169 issue reported at 26c32009-12-28
Bugzilla
CVE-2009-1389 kernel: r8169: fix crash when large packets are received2009-06-09
CVE-2009-1389 (HIGH CVSS 7.8) | Buffer overflow in the RTL8169 NIC | cvebase.io