7.1
CVE-2009-2903
- EPSS 3.85%
- Veröffentlicht 15.09.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:10:28
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.4.0 <= 2.4.37.6
Linux ≫ Linux Kernel Version >= 2.6.0 <= 2.6.31
Suse ≫ Linux Enterprise Debuginfo Version10 Updatesp2
Suse ≫ Linux Enterprise Debuginfo Version10 Updatesp3
Suse ≫ Linux Enterprise Desktop Version10 Updatesp2
Suse ≫ Linux Enterprise Desktop Version10 Updatesp3
Suse ≫ Linux Enterprise Server Version9
Suse ≫ Linux Enterprise Server Version10 Updatesp2
Suse ≫ Linux Enterprise Server Version10 Updatesp3
Suse ≫ Linux Enterprise Software Development Kit Version10 Updatesp2
Suse ≫ Linux Enterprise Software Development Kit Version10 Updatesp3
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version8.04 SwEdition-
Canonical ≫ Ubuntu Linux Version8.10
Canonical ≫ Ubuntu Linux Version9.04
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.85% | 0.888 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
CWE-772 Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
http://secunia.com/advisories/37105
http://www.ubuntu.com/usn/USN-852-1
http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
http://secunia.com/advisories/36707
http://secunia.com/advisories/37909
http://www.mandriva.com/security/advisories?name=MDVSA-2009:329
http://www.openwall.com/lists/oss-security/2009/09/14/1
http://www.openwall.com/lists/oss-security/2009/09/14/2
http://www.openwall.com/lists/oss-security/2009/09/17/11
http://www.securityfocus.com/bid/36379
https://bugzilla.redhat.com/show_bug.cgi?id=522331