CVE-2009-2903

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
linuxlinux_kernel
2.4.0 ≤
𝑥
≤ 2.4.37.6
linuxlinux_kernel
2.6.0 ≤
𝑥
≤ 2.6.31
canonicalubuntu_linux
6.06
canonicalubuntu_linux
8.04
canonicalubuntu_linux
8.10
canonicalubuntu_linux
9.04
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
jaunty
Fixed 2.6.28-16.55
released
intrepid
Fixed 2.6.27-15.43
released
hardy
Fixed 2.6.24-25.63
released
dapper
dne
linux-source-2.6.15
jaunty
dne
intrepid
dne
hardy
dne
dapper
Fixed 2.6.15-55.80
released
Common Weakness Enumeration
References
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/36707
http://secunia.com/advisories/37105
http://secunia.com/advisories/37909
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://www.securityfocus.com/bid/36379
http://www.ubuntu.com/usn/USN-852-1
https://bugzilla.redhat.com/show_bug.cgi?id=522331
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/36707
http://secunia.com/advisories/37105
http://secunia.com/advisories/37909
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://www.securityfocus.com/bid/36379
http://www.ubuntu.com/usn/USN-852-1
https://bugzilla.redhat.com/show_bug.cgi?id=522331