fkie_nvd - fkie_cve-2009-1265

FKIE_CVE-2009-1265

Vulnerability from fkie_nvd - Published: 2009-04-08 01:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent.

References

URL	Tags
cve@mitre.org	http://bugzilla.kernel.org/show_bug.cgi?id=10423	Exploit
cve@mitre.org	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
cve@mitre.org	http://osvdb.org/53571
cve@mitre.org	http://osvdb.org/53630
cve@mitre.org	http://osvdb.org/53631
cve@mitre.org	http://secunia.com/advisories/34981	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35011	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35121	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35185	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35387	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35390	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35394	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/35656	Vendor Advisory
cve@mitre.org	http://www.debian.org/security/2009/dsa-1787
cve@mitre.org	http://www.debian.org/security/2009/dsa-1794
cve@mitre.org	http://www.debian.org/security/2009/dsa-1800
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:119
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/04/08/2
cve@mitre.org	http://www.securityfocus.com/bid/34654
cve@mitre.org	http://www.ubuntu.com/usn/usn-793-1
af854a3a-2127-422b-91ae-364da2661108	http://bugzilla.kernel.org/show_bug.cgi?id=10423	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53571
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53630
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/53631
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34981	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35011	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35121	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35185	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35387	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35390	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35394	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35656	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1787
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1794
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1800
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:119
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/04/08/2
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34654
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-793-1

Impacted products

Vendor	Product	Version
linux	linux_kernel	2.6.24.4
linux	linux_kernel	2.6.24.5
linux	linux_kernel	2.6.24.6
linux	linux_kernel	2.6.24.7
linux	linux_kernel	2.6.25
linux	linux_kernel	2.6.25.1
linux	linux_kernel	2.6.25.2
linux	linux_kernel	2.6.25.3
linux	linux_kernel	2.6.25.4
linux	linux_kernel	2.6.25.5
linux	linux_kernel	2.6.25.6
linux	linux_kernel	2.6.25.7
linux	linux_kernel	2.6.25.8
linux	linux_kernel	2.6.25.9
linux	linux_kernel	2.6.25.10
linux	linux_kernel	2.6.25.11
linux	linux_kernel	2.6.25.12
linux	linux_kernel	2.6.25.13
linux	linux_kernel	2.6.25.14
linux	linux_kernel	2.6.25.15
linux	linux_kernel	2.6.25.16
linux	linux_kernel	2.6.25.17
linux	linux_kernel	2.6.25.18
linux	linux_kernel	2.6.25.19
linux	linux_kernel	2.6.25.20
linux	linux_kernel	2.6.26
linux	linux_kernel	2.6.26.1
linux	linux_kernel	2.6.26.2
linux	linux_kernel	2.6.26.3
linux	linux_kernel	2.6.26.4
linux	linux_kernel	2.6.26.5
linux	linux_kernel	2.6.26.6
linux	linux_kernel	2.6.26.7
linux	linux_kernel	2.6.27
linux	linux_kernel	2.6.27.1
linux	linux_kernel	2.6.27.2
linux	linux_kernel	2.6.27.3
linux	linux_kernel	2.6.27.4
linux	linux_kernel	2.6.27.5
linux	linux_kernel	2.6.27.6
linux	linux_kernel	2.6.27.7
linux	linux_kernel	2.6.27.8
linux	linux_kernel	2.6.27.9
linux	linux_kernel	2.6.27.10
linux	linux_kernel	2.6.27.11
linux	linux_kernel	2.6.27.12
linux	linux_kernel	2.6.27.13
linux	linux_kernel	2.6.27.14
linux	linux_kernel	2.6.27.15
linux	linux_kernel	2.6.27.16
linux	linux_kernel	2.6.27.17
linux	linux_kernel	2.6.27.18
linux	linux_kernel	2.6.27.19
linux	linux_kernel	2.6.27.20
linux	linux_kernel	2.6.27.21
linux	linux_kernel	2.6.27.22
linux	linux_kernel	2.6.27.23
linux	linux_kernel	2.6.27.24
linux	linux_kernel	2.6.27.25
linux	linux_kernel	2.6.27.26
linux	linux_kernel	2.6.27.27
linux	linux_kernel	2.6.27.28
linux	linux_kernel	2.6.27.29
linux	linux_kernel	2.6.27.30
linux	linux_kernel	2.6.27.31
linux	linux_kernel	2.6.27.32
linux	linux_kernel	2.6.27.33
linux	linux_kernel	2.6.27.34
linux	linux_kernel	2.6.27.35
linux	linux_kernel	2.6.27.36
linux	linux_kernel	2.6.27.37
linux	linux_kernel	2.6.27.38
linux	linux_kernel	2.6.27.39
linux	linux_kernel	2.6.27.40
linux	linux_kernel	2.6.27.41
linux	linux_kernel	2.6.27.42
linux	linux_kernel	2.6.27.43
linux	linux_kernel	2.6.27.44
linux	linux_kernel	2.6.27.45
linux	linux_kernel	2.6.27.46
linux	linux_kernel	2.6.27.47
linux	linux_kernel	2.6.27.48
linux	linux_kernel	2.6.27.49
linux	linux_kernel	2.6.27.50
linux	linux_kernel	2.6.27.51
linux	linux_kernel	2.6.27.52
linux	linux_kernel	2.6.27.53
linux	linux_kernel	2.6.27.54
linux	linux_kernel	2.6.27.55
linux	linux_kernel	2.6.27.56
linux	linux_kernel	2.6.27.57
linux	linux_kernel	2.6.27.58
linux	linux_kernel	2.6.27.59
linux	linux_kernel	2.6.27.60
linux	linux_kernel	2.6.27.61
linux	linux_kernel	2.6.27.62
linux	linux_kernel	2.6.28
linux	linux_kernel	2.6.28.1
linux	linux_kernel	2.6.28.2
linux	linux_kernel	2.6.28.3
linux	linux_kernel	2.6.28.4
linux	linux_kernel	2.6.28.5
linux	linux_kernel	2.6.28.6
linux	linux_kernel	2.6.28.7
linux	linux_kernel	2.6.28.8
linux	linux_kernel	2.6.28.9
linux	linux_kernel	2.6.28.10
linux	linux_kernel	2.6.29
linux	linux_kernel	2.6.29.1
linux	linux_kernel	2.6.29.2
linux	linux_kernel	2.6.29.3
linux	linux_kernel	2.6.29.4
linux	linux_kernel	2.6.29.5
linux	linux_kernel	2.6.29.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE92406-DBF3-463E-8A51-F9679E851FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C60D19B-ED9B-443C-9D49-002ABD381119",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "264C61EE-64F6-43AD-B54F-7D683C29E64F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0149408A-30F6-4EDF-8B3B-CBAB884CE758",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "71295664-89EC-4BB3-9F86-B1DDA20FAC5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37BE853A-BA6F-4A70-B166-E34441F0B7DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85064FDF-4B62-43BF-B36C-F659D739BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEADC505-FF44-4D45-8EA6-B23A1C4564D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE3C807-5C9B-4B71-868B-DF17ECB1514F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6CADAA2-91D2-40C4-90F3-D7F40A3D4CB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "45B6847C-873B-4BE1-852D-239115E59BA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF41209E-D27F-4642-A405-90E822A41897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "97F59FD9-46E5-4F63-80A0-091AD44D1867",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "428844A5-E020-4AE9-8012-9AEDFCB7C32E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "94C9D70D-A552-48D6-9497-EE07EB5649D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF6169FF-9FF9-4A81-BAEB-6D5132F64F61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6DC79CF-A504-4232-9F66-B5DCD0213DA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "192B4273-0935-4232-BBFD-A850855CAC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "60E9FDA8-7EC3-4B9B-B508-27F948D60DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4E4A6E5-0C2C-42FD-B982-684CCB0DDFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A16F2182-C489-4CA9-A56B-01463148D16F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "630A56D3-7A82-44DE-8888-2EB8CD1C24A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0D6431-E8E0-4079-A1A0-9CE6D1D67709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF4EF7A7-6E96-43B4-8287-368098ABBFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF91995-A084-422A-A544-30B0B4D75E22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45F4429-5A9C-4E8B-96EE-CCF19776CABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFCAF09-BB20-424C-8648-014C0F71F8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A74970C-5EEA-47A7-A62D-AF98F4D1228F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA56669-B09E-42C2-9591-245C46909A2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B33D60-8023-4A0B-ACF7-9F811EEB8BCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D08D180-23F7-456F-98CA-26B53C678D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E3C363-49C9-4869-83B5-76C14100BFF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E1DE903-EDFC-4E0F-8EDF-7762FE3C7C80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "856FE78A-29B5-4411-98A0-4B0281C17EB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "324B5A3E-FA65-4F02-9B8F-872F38CD1808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C75A8FC4-58D2-4B6A-9D8E-FF12DF52E249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE21E2AE-9E01-471C-A419-6AB40A49C2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFC2D46-65D0-426F-9AF8-8C910AE91D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "11795F8E-7ACD-4597-9194-FC7241DCE057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "60F381E1-F3C5-49BE-B094-4D90E7B108F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82A6217-CFA6-4E72-8BED-0297E13EABF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CEA1AF2-2DE7-4B38-987D-15FFA70F06B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7954A701-1671-4080-B1E6-47E0208FD28C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D06512-EAF0-48C6-98F0-066E63FF07EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F35DA6B-C6D4-47CC-97E7-9659DCFDD162",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D75B48F1-623A-4B96-9E08-4AA2DE748490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E6EB7C3-D9AB-43E7-8B78-2C36AE920935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FC87A28-C6A1-4E90-BD9F-A5BE1985DB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "0383E2A5-60EE-47F3-9DA8-BF75028D511F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B0C229-2A79-47E0-856A-2AE0FF97B967",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB27B247-D6BF-49C4-B113-76C9A47B7DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "F94BA1B0-52B9-4303-9C41-3ACC3AC1945E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACBB194-1D24-464A-B79C-44B8127EAD52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E5F269-7711-447D-B798-0F5478E36299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0138807-6313-4A3F-AB5A-4B7D4A9BE287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4BA2227-F259-499D-BF50-5074B1E7DD3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "78A896D0-032C-4467-9D57-E47E8C612704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D1D4C8F-8C09-4A49-AFFD-33093AE7A437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "A415FECF-89CC-4D71-B1BF-6A678D32599D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F77E54-5F4A-4D47-8DE8-097B4BBC7944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "752148FC-1594-4108-AE0F-C5145B978454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "09546671-E75D-4F50-9D86-DFDDAC9DC5DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC7A2D7-ACB4-4871-B7C0-02711A53DF1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6964925C-4394-4E82-976B-770A99E74F1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E8C909E-02D7-4B29-AA68-897BD0200B7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA036609-ADD3-4903-AB9D-E8BF81CFC776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F9E122-994B-4276-9FCF-A8E4D2D06D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A15720C-3BDF-4343-B270-2575978293EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB5ADCFA-2CD8-4A00-AFEC-B84F7E0015A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA2EE9B-27FD-49FE-8665-159DABA0E3C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C81C5F8-2224-4D84-B7C0-E18421276AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "B44A2C76-174E-40A5-9603-3B84D0D35557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "42ACE154-0709-4AA1-82E3-1B7F34E63187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "3022E902-9F0D-49FF-9279-71E0E1E8A873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF77B26-91FA-4245-BFEC-43FD021A28E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "601B4C93-9A9C-40E8-A9D0-DA9D71C745EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF7CE35A-87A4-4D95-86F9-211D50E30482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA8675A-A37C-4658-9D26-3359EBA277B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "00E8CB86-ECEE-4435-BEFC-B8D209B2C5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "B373DEAE-8F8B-44AA-BAE5-3A0120A541F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D40063F-13D0-4897-AE71-1C7B617C8855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC7E89C8-CF89-4FA8-A9F1-F0B415E5FE10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "4034EFE6-449D-4749-9265-B47D44AA4EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F835D17-ACF9-4AE6-8C38-B74BE448B8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "21A12676-7EBE-4D83-83BD-D46CC7A1773A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FB112DB-891D-4FDB-8772-2E233A39A7BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3A0794-B10C-4DFD-9CAD-202CA1DC9250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "76E86CE6-CD1C-4412-939F-B45867068D44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F6896A4-16E0-46B6-B90C-5C002C526478",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "469534AB-2D0F-4B31-8121-05A792FA9332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2820354-F25B-485D-9FA7-E32B38DDBB1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF88BEB3-9EA4-47AA-B24E-DE9AD879382A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4209B4C-4901-4235-B35E-B0085AF1952F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D748A69-4A93-421E-AD83-2B63B2460A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "2727A6AE-A1B6-4158-BB73-49D7C86104F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "71F3744A-0205-4BD6-8D43-E06DCBA54C9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "26BD805F-08EB-42EC-BC54-26A7278E5089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "217715A5-E69D-45C0-B8E4-5681528C651B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A87AD66C-4321-4459-8556-3B0BA38C493A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "87A347E0-9C0B-4674-9363-3C36DA27AC45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E0F3DF0-6BD0-4560-9A13-C6493939D8B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4BE1DF7-99CB-416B-B6F9-EC40FBD7D1C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B93AF773-FBB4-4A4A-ADD5-ADA40C24CD36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A55F08-88A9-42D5-A2B1-8B8C0D6DED09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3975EC77-D33D-4167-91BE-08237C3EE9D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A0F2534-C267-43D9-8365-C00CD979B052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "27430190-EB83-43C5-9584-4F65CF65151A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "C386B13F-9D7C-45F8-B86A-886384144A8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "04BCABEB-DE2A-4C85-BFD5-7A1318479ECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A67A63E8-837E-4162-999E-3B3DAAE57C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A701E87D-B807-426E-9CD4-6721DBCABE19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F6E506-EC0A-4784-BDA3-B7B5CD938B92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFA0277-B491-4BB1-88DC-85362F0A689C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE922924-6496-4D24-94A6-8EDD431A4568",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en rose_sendmsg (sys/net/af_rose.c) en el kernel de Linux  v2.6.24.4 y otras versiones anteriores a la 2.6.30-rc1, podr\u00eda permitir a atacantes remotos conseguir informaci\u00f3n sensible a trav\u00e9s de un valor largo, lo que causar\u00eda que la \"basura\" de la memoria fuese enviada."
    }
  ],
  "id": "CVE-2009-1265",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-08T01:30:00.467",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/53571"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/53630"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/53631"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34981"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35011"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35121"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35185"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35387"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35390"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35394"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35656"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1794"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2009/dsa-1800"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34654"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/usn-793-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53630"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-793-1"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 4, 5, or Red Hat Enterprise MRG, as the affected driver is not enabled in these kernels.\n\nThe affected driver is available in Red Hat Enterprise Linux 3, but only if the kernel-unsupported package is installed.\n\nThis issue has been rated as having moderate security impact as it does not lead to a denial of service or privilege escalation. As Red Hat Enterprise Linux 3 is now in Production 3 of its maintenance life-cycle, http://www.redhat.com/security/updates/errata, and the affected driver can only be enabled when using the unsupported kernel-unsupported package, a fix for this issue is not currently planned to be included in the future updates.",
      "lastModified": "2009-06-17T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-1265 (GCVE-0-2009-1265)

Vulnerability from cvelistv5 – Published: 2009-04-08 01:00 – Updated: 2024-08-07 05:04

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://secunia.com/advisories/35390	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://osvdb.org/53630	vdb-entryx_refsource_OSVDB
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/35656	third-party-advisoryx_refsource_SECUNIA
	http://bugzilla.kernel.org/show_bug.cgi?id=10423	x_refsource_MISC
	http://www.debian.org/security/2009/dsa-1794	vendor-advisoryx_refsource_DEBIAN
	http://osvdb.org/53571	vdb-entryx_refsource_OSVDB
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/35185	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/35011	third-party-advisoryx_refsource_SECUNIA
	http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/34654	vdb-entryx_refsource_BID
	http://www.openwall.com/lists/oss-security/2009/04/08/2	mailing-listx_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.ubuntu.com/usn/usn-793-1	vendor-advisoryx_refsource_UBUNTU
	http://osvdb.org/53631	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/34981	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1800	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/35387	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1787	vendor-advisoryx_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/35121	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/35394	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "35390",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35390"
          },
          {
            "name": "MDVSA-2009:135",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
          },
          {
            "name": "53630",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53630"
          },
          {
            "name": "SUSE-SA:2009:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
          },
          {
            "name": "SUSE-SA:2009:032",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
          },
          {
            "name": "35656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35656"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
          },
          {
            "name": "DSA-1794",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1794"
          },
          {
            "name": "53571",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53571"
          },
          {
            "name": "SUSE-SA:2009:030",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
          },
          {
            "name": "35185",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35185"
          },
          {
            "name": "35011",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35011"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
          },
          {
            "name": "34654",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34654"
          },
          {
            "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
          },
          {
            "name": "SUSE-SA:2009:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
          },
          {
            "name": "USN-793-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-793-1"
          },
          {
            "name": "53631",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53631"
          },
          {
            "name": "34981",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34981"
          },
          {
            "name": "DSA-1800",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1800"
          },
          {
            "name": "35387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35387"
          },
          {
            "name": "DSA-1787",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1787"
          },
          {
            "name": "MDVSA-2009:119",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
          },
          {
            "name": "35121",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35121"
          },
          {
            "name": "35394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35394"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "35390",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35390"
        },
        {
          "name": "MDVSA-2009:135",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
        },
        {
          "name": "53630",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53630"
        },
        {
          "name": "SUSE-SA:2009:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
        },
        {
          "name": "SUSE-SA:2009:032",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
        },
        {
          "name": "35656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35656"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
        },
        {
          "name": "DSA-1794",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1794"
        },
        {
          "name": "53571",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53571"
        },
        {
          "name": "SUSE-SA:2009:030",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
        },
        {
          "name": "35185",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35185"
        },
        {
          "name": "35011",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35011"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
        },
        {
          "name": "34654",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34654"
        },
        {
          "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
        },
        {
          "name": "SUSE-SA:2009:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
        },
        {
          "name": "USN-793-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-793-1"
        },
        {
          "name": "53631",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53631"
        },
        {
          "name": "34981",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34981"
        },
        {
          "name": "DSA-1800",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1800"
        },
        {
          "name": "35387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35387"
        },
        {
          "name": "DSA-1787",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1787"
        },
        {
          "name": "MDVSA-2009:119",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
        },
        {
          "name": "35121",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35121"
        },
        {
          "name": "35394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35394"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1265",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35390",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35390"
            },
            {
              "name": "MDVSA-2009:135",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
            },
            {
              "name": "53630",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53630"
            },
            {
              "name": "SUSE-SA:2009:028",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"
            },
            {
              "name": "SUSE-SA:2009:032",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"
            },
            {
              "name": "35656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35656"
            },
            {
              "name": "http://bugzilla.kernel.org/show_bug.cgi?id=10423",
              "refsource": "MISC",
              "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"
            },
            {
              "name": "DSA-1794",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1794"
            },
            {
              "name": "53571",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53571"
            },
            {
              "name": "SUSE-SA:2009:030",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"
            },
            {
              "name": "35185",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35185"
            },
            {
              "name": "35011",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35011"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"
            },
            {
              "name": "34654",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34654"
            },
            {
              "name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"
            },
            {
              "name": "SUSE-SA:2009:031",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
            },
            {
              "name": "USN-793-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-793-1"
            },
            {
              "name": "53631",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53631"
            },
            {
              "name": "34981",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34981"
            },
            {
              "name": "DSA-1800",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1800"
            },
            {
              "name": "35387",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35387"
            },
            {
              "name": "DSA-1787",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1787"
            },
            {
              "name": "MDVSA-2009:119",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"
            },
            {
              "name": "35121",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35121"
            },
            {
              "name": "35394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35394"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1265",
    "datePublished": "2009-04-08T01:00:00",
    "dateReserved": "2009-04-07T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2009-1265

CVE-2009-1265 (GCVE-0-2009-1265)

Tags

Sightings

Nomenclature