CVE-2009-2903

2009-09-1522:30:00

CWE-772

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

Confidence

High

EPSS

0.028

Percentile

90.6%

JSON

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

Affected configurations

Nvd

Node

linuxlinux_kernelRange2.4.0–2.4.37.6

linuxlinux_kernelRange2.6.0–2.6.31

Node

suselinux_enterprise_debuginfoMatch10sp2

suselinux_enterprise_debuginfoMatch10sp3

suselinux_enterprise_desktopMatch10sp2

suselinux_enterprise_desktopMatch10sp3

suselinux_enterprise_serverMatch9

suselinux_enterprise_serverMatch10sp2

suselinux_enterprise_serverMatch10sp3

suselinux_enterprise_software_development_kitMatch10sp2

suselinux_enterprise_software_development_kitMatch10sp3

Node

canonicalubuntu_linuxMatch6.06

canonicalubuntu_linuxMatch8.04-

canonicalubuntu_linuxMatch8.10

canonicalubuntu_linuxMatch9.04

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
suselinux_enterprise_debuginfo10cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*
suselinux_enterprise_debuginfo10cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp3:*:*:*:*:*:*
suselinux_enterprise_desktop10cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
suselinux_enterprise_desktop10cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
suselinux_enterprise_server9cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
suselinux_enterprise_server10cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
suselinux_enterprise_server10cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
suselinux_enterprise_software_development_kit10cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*
suselinux_enterprise_software_development_kit10cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
suse	linux_enterprise_debuginfo	10	cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2::::::
suse	linux_enterprise_debuginfo	10	cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp3::::::
suse	linux_enterprise_desktop	10	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2::::::
suse	linux_enterprise_desktop	10	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3::::::
suse	linux_enterprise_server	9	cpe:2.3:o:suse:linux_enterprise_server:9:::::::*
suse	linux_enterprise_server	10	cpe:2.3:o:suse:linux_enterprise_server:10:sp2::::::
suse	linux_enterprise_server	10	cpe:2.3:o:suse:linux_enterprise_server:10:sp3::::::
suse	linux_enterprise_software_development_kit	10	cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2::::::
suse	linux_enterprise_software_development_kit	10	cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3::::::