CVE-2009-4537

N/A Unknown
Published: January 12, 2010 Modified: April 23, 2026

Description

drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/
Source: cve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://marc.info/?l=linux-netdev&m=126202972828626&w=2
Source: cve@mitre.org
Mailing List Third Party Advisory
http://marc.info/?t=126202986900002&r=1&w=2
Source: cve@mitre.org
Mailing List Third Party Advisory
http://secunia.com/advisories/38031
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/38610
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/39742
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/39830
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/40645
Source: cve@mitre.org
Third Party Advisory
http://securitytracker.com/id?1023419
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://twitter.com/dakami/statuses/7104238406
Source: cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2010/dsa-2053
Source: cve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/28/1
Source: cve@mitre.org
Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/29/2
Source: cve@mitre.org
Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/31/1
Source: cve@mitre.org
Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0019.html
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0020.html
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0041.html
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0053.html
Source: cve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0111.html
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/37521
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2010/1857
Source: cve@mitre.org
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=550907
Source: cve@mitre.org
Issue Tracking Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55647
Source: cve@mitre.org
Third Party Advisory VDB Entry
https://rhn.redhat.com/errata/RHSA-2010-0095.html
Source: cve@mitre.org
Third Party Advisory
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?l=linux-netdev&m=126202972828626&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://marc.info/?t=126202986900002&r=1&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://secunia.com/advisories/38031
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/38610
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/39742
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/39830
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/40645
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securitytracker.com/id?1023419
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://twitter.com/dakami/statuses/7104238406
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2010/dsa-2053
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/28/1
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/29/2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2009/12/31/1
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0019.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0020.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0041.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0053.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0111.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/37521
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2010/1857
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=550907
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55647
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7443
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9439
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://rhn.redhat.com/errata/RHSA-2010-0095.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

60 reference(s) from NVD

Quick Stats

CVSS v3 Score: N/A / 10.0
EPSS (Exploit Probability): 3.7% (88th percentile)
Exploitation Status: Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

debian linux