CVE-2009-4067

EUVD-2009-4038
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.27
redhatenterprise_linux
4.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
hardy
Fixed 2.6.24-29.95
released
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
linux-ec2
hardy
dne
lucid
not-affected
maverick
ignored
natty
dne
oneiric
dne
linux-fsl-imx51
hardy
dne
lucid
not-affected
maverick
dne
natty
dne
oneiric
dne
linux-lts-backport-maverick
hardy
dne
lucid
not-affected
maverick
dne
natty
dne
oneiric
dne
linux-lts-backport-natty
hardy
dne
lucid
not-affected
maverick
dne
natty
dne
oneiric
dne
linux-mvl-dove
hardy
dne
lucid
not-affected
maverick
not-affected
natty
dne
oneiric
dne
linux-ti-omap4
hardy
dne
lucid
dne
maverick
not-affected
natty
not-affected
oneiric
not-affected
Common Weakness Enumeration
References
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=722393
http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf
https://bugzilla.redhat.com/show_bug.cgi?id=722393