CVE-2009-1265 - OpenCVE

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel:2.6.24.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.24.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.24.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.24.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.9:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.12:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.13:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.14:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.15:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.16:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.17:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.18:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.19:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.25.20:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.26.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.1:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.2:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.3:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.4:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.5:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.6:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.7:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.8:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.9:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.10:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.11:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.12:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.13:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.14:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.15:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.16:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.17:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.18:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.19:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.20:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.21:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.22:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.23:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.24:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.25:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.26:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.27:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.28:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.29:::::::*
	cpe:2.3:o:linux:linux_kernel:2.6.27.30:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.31:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.32:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.33:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.34:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.35:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.36:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.37:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.38:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.39:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.40:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.41:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.42:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.43:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.44:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.45:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.46:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.47:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.48:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.49:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.50:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.51:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.52:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.53:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.54:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.55:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.56:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.57:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.58:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.59:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.60:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.61:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.27.62:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.6:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.7:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.8:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.9:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.28.10:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.1:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.2:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.3:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.4:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.5:::::::*
cpe:2.3:o:linux:linux_kernel:2.6.29.6:::::::*

No data.

References

Link	Providers
http://bugzilla.kernel.org/show_bug.cgi?id=10423
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
http://osvdb.org/53571
http://osvdb.org/53630
http://osvdb.org/53631
http://secunia.com/advisories/34981
http://secunia.com/advisories/35011
http://secunia.com/advisories/35121
http://secunia.com/advisories/35185
http://secunia.com/advisories/35387
http://secunia.com/advisories/35390
http://secunia.com/advisories/35394
http://secunia.com/advisories/35656
http://www.debian.org/security/2009/dsa-1787
http://www.debian.org/security/2009/dsa-1794
http://www.debian.org/security/2009/dsa-1800
http://www.mandriva.com/security/advisories?name=MDVSA-2009:119
http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
http://www.openwall.com/lists/oss-security/2009/04/08/2
http://www.securityfocus.com/bid/34654
http://www.ubuntu.com/usn/usn-793-1

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-04-08T01:00:00

Updated: 2024-08-07T05:04:49.368Z

Reserved: 2009-04-07T00:00:00

Link: CVE-2009-1265

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-04-08T01:30:00.467

Modified: 2023-11-07T02:03:52.073

Link: CVE-2009-1265

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object