CVE-2009-2903

EUVD-2009-2891
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
2.4.0 ≤
𝑥
≤ 2.4.37.6
linuxlinux_kernel
2.6.0 ≤
𝑥
≤ 2.6.31
canonicalubuntu_linux
6.06
canonicalubuntu_linux
8.04
canonicalubuntu_linux
8.10
canonicalubuntu_linux
9.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
dapper
dne
hardy
Fixed 2.6.24-25.63
released
intrepid
Fixed 2.6.27-15.43
released
jaunty
Fixed 2.6.28-16.55
released
linux-source-2.6.15
dapper
Fixed 2.6.15-55.80
released
hardy
dne
intrepid
dne
jaunty
dne
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/36707
http://secunia.com/advisories/37105
http://secunia.com/advisories/37909
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://www.securityfocus.com/bid/36379
http://www.ubuntu.com/usn/USN-852-1
https://bugzilla.redhat.com/show_bug.cgi?id=522331
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/36707
http://secunia.com/advisories/37105
http://secunia.com/advisories/37909
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://www.securityfocus.com/bid/36379
http://www.ubuntu.com/usn/USN-852-1
https://bugzilla.redhat.com/show_bug.cgi?id=522331