CVE-2009-2909

Name	CVE-2009-2909
Description	Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1915-1, DSA-1928-1, DSA-1929-1

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin
linux-2.6	source	etch	2.6.18.dfsg.1-26etch1		DSA-1929-1
linux-2.6	source	lenny	2.6.26-19lenny1		DSA-1915-1
linux-2.6	source	(unstable)	2.6.31-1	medium
linux-2.6.24	source	etch	2.6.24-6~etchnhalf.9etch1		DSA-1928-1
linux-2.6.24	source	(unstable)	(unfixed)	medium