CVE-2009-4067
published 2020-02-11CVE-2009-4067: Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to…
PriorityP336medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.06%
78.9th percentile
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | < 2.6.27 | 2.6.27 |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.16.8MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat6.8MEDIUM
vendor_ubuntu6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2011-10-20·CVSS 6.8
CVE-2011-2495 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Multiple kernel flaws have been fixed.
It was discovered that the Auerswald usb driver incorrectly handled lengths
of the USB string descriptors. A local attacker with physical access could
insert a specially crafted USB device and gain root privileges.
(CVE-2009-4067)
It was discovered that the Stream Control Transmission Protocol (SCTP)
implementation incorrectly calculated lengths. If the net.sctp.addip_enable
variable was turned on, a remote attacker could send specially crafted
traffic to crash the system. (CVE-2011-1573)
Vasiliy Kulikov discovered that taskstats did not enforce access
restrictions. A local attacker could exploit this to read certain
information, leading to a loss of privacy. (CVE-2011-2494)
Vasiliy Kulikov discovered
Red Hat
kernel: usb: buffer overflow in auerswald_probe()
vendor_redhat·2009-10-29·CVSS 6.8
CVE-2009-4067 [MEDIUM] kernel: usb: buffer overflow in auerswald_probe()
kernel: usb: buffer overflow in auerswald_probe()
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Statement: This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as the affected code has been removed. It was addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1386.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included i
GHSA
GHSA-p3pg-j7qj-fx26: Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2
ghsa_unreviewed·2022-04-21
CVE-2009-4067 [HIGH] GHSA-p3pg-j7qj-fx26: Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
No detection rules found.
Bugzilla
CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe() [fedora-all]
bugzilla·2011-10-25·CVSS 6.8
CVE-2009-4067 [MEDIUM] CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe() [fedora-all]
CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe() [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=722393
Please note: this issue affects multip
Bugzilla
CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
bugzilla·2011-07-15·CVSS 6.8
CVE-2009-4067 [MEDIUM] CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()
A buffer overflow flaw was found in the Linux kernel's Auerswald PBX/System Telephone usb driver implementation. There's no upstream patch as the affected driver was removed from the kernel in 2.6.27.
For more information, check out the references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4067
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
Acknowledgement:
Red Hat would like to thank Rafael Dominguez Vega for reporting this issue.
Discussion:
Statement:
This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as the affected code has been removed. It was addressed in Red Hat Enterprise Linux 5 via https:
2020-02-11
Published