CVE-2009-4538

Publication date 12 January 2010

Last updated 24 July 2024

Ubuntu priority

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	9.10 karmic	Fixed 2.6.31-19.56
	9.04 jaunty	Fixed 2.6.28-18.59
	8.10 intrepid	Fixed 2.6.27-17.45
	8.04 LTS hardy	Fixed 2.6.24-27.65
	6.06 LTS dapper	Not in release
linux-source-2.6.15	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected

Notes

mdeslaur

same patch as CVE-2009-4536, but applied to e1000e

References

Related Ubuntu Security Notices (USN)

USN-894-1
Linux kernel vulnerabilities
5 February 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2009-4538