CVE-2009-4538

NameCVE-2009-4538
Descriptiondrivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1996-1, DSA-2005-1
NVD severityhigh (attack range: remote)
Debian Bugs564114

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linux-2.6source(unstable)2.6.32-6low564114
linux-2.6sourceetch(not affected)
linux-2.6sourcelenny2.6.26-21lenny3highDSA-1996-1
linux-2.6.24source(unstable)(unfixed)low
linux-2.6.24sourceetch2.6.24-6~etchnhalf.9etch3highDSA-2005-1

Notes

[etch] - linux-2.6 <not-affected> (does not have e1000e driver)
just like CVE-2009-4536 but was reported later

Search for package or bug name: Reporting problems