[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#532721: linux-2.6: CVE-2009-1385 dos in e1000 driver

Package: linux-2.6
Severity: important
Version: 2.6.18.dfsg.1-24 (and newer)
Tags: security , patch

the following CVE (Common Vulnerabilities & Exposures) id was
published for linux-2.6.

| Integer underflow in the e1000_clean_rx_irq function in
| drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel
| before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel
| Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to
| cause a denial of service (panic) via a crafted frame size.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Patches available [1].

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385
[1] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea30e11970a96cfe5e32c03a29332554573b4a10

Reply to: