{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-03-27T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-04-16T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35390", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35390"}, {"name": "MDVSA-2009:135", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"}, {"name": "53630", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/53630"}, {"name": "SUSE-SA:2009:028", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "SUSE-SA:2009:032", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"}, {"name": "35656", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35656"}, {"tags": ["x_refsource_MISC"], "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"}, {"name": "DSA-1794", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "53571", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/53571"}, {"name": "SUSE-SA:2009:030", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "35185", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35185"}, {"name": "35011", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35011"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"}, {"name": "34654", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34654"}, {"name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"}, {"name": "SUSE-SA:2009:031", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "USN-793-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-793-1"}, {"name": "53631", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/53631"}, {"name": "34981", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "35387", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35387"}, {"name": "DSA-1787", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "MDVSA-2009:119", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"}, {"name": "35121", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35121"}, {"name": "35394", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35394"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1265", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35390", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35390"}, {"name": "MDVSA-2009:135", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"}, {"name": "53630", "refsource": "OSVDB", "url": "http://osvdb.org/53630"}, {"name": "SUSE-SA:2009:028", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "SUSE-SA:2009:032", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"}, {"name": "35656", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35656"}, {"name": "http://bugzilla.kernel.org/show_bug.cgi?id=10423", "refsource": "MISC", "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"}, {"name": "DSA-1794", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "53571", "refsource": "OSVDB", "url": "http://osvdb.org/53571"}, {"name": "SUSE-SA:2009:030", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "35185", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35185"}, {"name": "35011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35011"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"}, {"name": "34654", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34654"}, {"name": "[oss-security] 20090408 CVE-2009-1265 kernel: af_rose/x25: Sanity check the maximum user frame size", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"}, {"name": "SUSE-SA:2009:031", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "USN-793-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-793-1"}, {"name": "53631", "refsource": "OSVDB", "url": "http://osvdb.org/53631"}, {"name": "34981", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "35387", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35387"}, {"name": "DSA-1787", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "MDVSA-2009:119", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"}, {"name": "35121", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35121"}, {"name": "35394", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35394"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1265", "datePublished": "2009-04-08T01:00:00", "dateReserved": "2009-04-07T00:00:00", "dateUpdated": "2009-04-16T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*", "matchCriteriaId": "6EE92406-DBF3-463E-8A51-F9679E851FDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*", "matchCriteriaId": "3C60D19B-ED9B-443C-9D49-002ABD381119", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*", "matchCriteriaId": "264C61EE-64F6-43AD-B54F-7D683C29E64F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*", "matchCriteriaId": "0149408A-30F6-4EDF-8B3B-CBAB884CE758", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*", "matchCriteriaId": "71295664-89EC-4BB3-9F86-B1DDA20FAC5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*", "matchCriteriaId": "37BE853A-BA6F-4A70-B166-E34441F0B7DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*", "matchCriteriaId": "85064FDF-4B62-43BF-B36C-F659D739BC22", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*", "matchCriteriaId": "CEADC505-FF44-4D45-8EA6-B23A1C4564D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*", "matchCriteriaId": "0CE3C807-5C9B-4B71-868B-DF17ECB1514F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*", "matchCriteriaId": "A6CADAA2-91D2-40C4-90F3-D7F40A3D4CB0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*", "matchCriteriaId": "45B6847C-873B-4BE1-852D-239115E59BA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*", "matchCriteriaId": "FF41209E-D27F-4642-A405-90E822A41897", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*", "matchCriteriaId": "97F59FD9-46E5-4F63-80A0-091AD44D1867", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*", "matchCriteriaId": "428844A5-E020-4AE9-8012-9AEDFCB7C32E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*", "matchCriteriaId": "94C9D70D-A552-48D6-9497-EE07EB5649D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*", "matchCriteriaId": "AF6169FF-9FF9-4A81-BAEB-6D5132F64F61", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*", "matchCriteriaId": "E6DC79CF-A504-4232-9F66-B5DCD0213DA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*", "matchCriteriaId": "192B4273-0935-4232-BBFD-A850855CAC5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*", "matchCriteriaId": "60E9FDA8-7EC3-4B9B-B508-27F948D60DDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*", "matchCriteriaId": "E4E4A6E5-0C2C-42FD-B982-684CCB0DDFBB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*", "matchCriteriaId": "A16F2182-C489-4CA9-A56B-01463148D16F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*", "matchCriteriaId": "630A56D3-7A82-44DE-8888-2EB8CD1C24A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.18:*:*:*:*:*:*:*", "matchCriteriaId": "2E0D6431-E8E0-4079-A1A0-9CE6D1D67709", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.19:*:*:*:*:*:*:*", "matchCriteriaId": "BF4EF7A7-6E96-43B4-8287-368098ABBFA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.25.20:*:*:*:*:*:*:*", "matchCriteriaId": "BEF91995-A084-422A-A544-30B0B4D75E22", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*", "matchCriteriaId": "E45F4429-5A9C-4E8B-96EE-CCF19776CABF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*", "matchCriteriaId": "1EFCAF09-BB20-424C-8648-014C0F71F8A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A74970C-5EEA-47A7-A62D-AF98F4D1228F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*", "matchCriteriaId": "CEA56669-B09E-42C2-9591-245C46909A2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9B33D60-8023-4A0B-ACF7-9F811EEB8BCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D08D180-23F7-456F-98CA-26B53C678D76", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.6:*:*:*:*:*:*:*", "matchCriteriaId": "80E3C363-49C9-4869-83B5-76C14100BFF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.7:*:*:*:*:*:*:*", "matchCriteriaId": "1E1DE903-EDFC-4E0F-8EDF-7762FE3C7C80", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*", "matchCriteriaId": "856FE78A-29B5-4411-98A0-4B0281C17EB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*", "matchCriteriaId": "324B5A3E-FA65-4F02-9B8F-872F38CD1808", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*", "matchCriteriaId": "C75A8FC4-58D2-4B6A-9D8E-FF12DF52E249", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE21E2AE-9E01-471C-A419-6AB40A49C2F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*", "matchCriteriaId": "ADFC2D46-65D0-426F-9AF8-8C910AE91D49", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*", "matchCriteriaId": "11795F8E-7ACD-4597-9194-FC7241DCE057", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*", "matchCriteriaId": "60F381E1-F3C5-49BE-B094-4D90E7B108F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*", "matchCriteriaId": "D82A6217-CFA6-4E72-8BED-0297E13EABF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*", "matchCriteriaId": "7CEA1AF2-2DE7-4B38-987D-15FFA70F06B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*", "matchCriteriaId": "7954A701-1671-4080-B1E6-47E0208FD28C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*", "matchCriteriaId": "63D06512-EAF0-48C6-98F0-066E63FF07EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*", "matchCriteriaId": "7F35DA6B-C6D4-47CC-97E7-9659DCFDD162", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*", "matchCriteriaId": "D75B48F1-623A-4B96-9E08-4AA2DE748490", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*", "matchCriteriaId": "9E6EB7C3-D9AB-43E7-8B78-2C36AE920935", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*", "matchCriteriaId": "7FC87A28-C6A1-4E90-BD9F-A5BE1985DB50", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*", "matchCriteriaId": "0383E2A5-60EE-47F3-9DA8-BF75028D511F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*", "matchCriteriaId": "E8B0C229-2A79-47E0-856A-2AE0FF97B967", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*", "matchCriteriaId": "FB27B247-D6BF-49C4-B113-76C9A47B7DCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*", "matchCriteriaId": "F94BA1B0-52B9-4303-9C41-3ACC3AC1945E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*", "matchCriteriaId": "1ACBB194-1D24-464A-B79C-44B8127EAD52", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*", "matchCriteriaId": "83E5F269-7711-447D-B798-0F5478E36299", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*", "matchCriteriaId": "A0138807-6313-4A3F-AB5A-4B7D4A9BE287", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*", "matchCriteriaId": "D4BA2227-F259-499D-BF50-5074B1E7DD3E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*", "matchCriteriaId": "78A896D0-032C-4467-9D57-E47E8C612704", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*", "matchCriteriaId": "3D1D4C8F-8C09-4A49-AFFD-33093AE7A437", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*", "matchCriteriaId": "A415FECF-89CC-4D71-B1BF-6A678D32599D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*", "matchCriteriaId": "98F77E54-5F4A-4D47-8DE8-097B4BBC7944", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*", "matchCriteriaId": "752148FC-1594-4108-AE0F-C5145B978454", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*", "matchCriteriaId": "09546671-E75D-4F50-9D86-DFDDAC9DC5DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*", "matchCriteriaId": "EDC7A2D7-ACB4-4871-B7C0-02711A53DF1C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*", "matchCriteriaId": "6964925C-4394-4E82-976B-770A99E74F1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*", "matchCriteriaId": "2E8C909E-02D7-4B29-AA68-897BD0200B7C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*", "matchCriteriaId": "AA036609-ADD3-4903-AB9D-E8BF81CFC776", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*", "matchCriteriaId": "38F9E122-994B-4276-9FCF-A8E4D2D06D4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*", "matchCriteriaId": "7A15720C-3BDF-4343-B270-2575978293EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*", "matchCriteriaId": "FB5ADCFA-2CD8-4A00-AFEC-B84F7E0015A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*", "matchCriteriaId": "6EA2EE9B-27FD-49FE-8665-159DABA0E3C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*", "matchCriteriaId": "4C81C5F8-2224-4D84-B7C0-E18421276AFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*", "matchCriteriaId": "B44A2C76-174E-40A5-9603-3B84D0D35557", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*", "matchCriteriaId": "42ACE154-0709-4AA1-82E3-1B7F34E63187", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*", "matchCriteriaId": "3022E902-9F0D-49FF-9279-71E0E1E8A873", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*", "matchCriteriaId": "DDF77B26-91FA-4245-BFEC-43FD021A28E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*", "matchCriteriaId": "601B4C93-9A9C-40E8-A9D0-DA9D71C745EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*", "matchCriteriaId": "FF7CE35A-87A4-4D95-86F9-211D50E30482", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*", "matchCriteriaId": "CEA8675A-A37C-4658-9D26-3359EBA277B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*", "matchCriteriaId": "00E8CB86-ECEE-4435-BEFC-B8D209B2C5AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*", "matchCriteriaId": "B373DEAE-8F8B-44AA-BAE5-3A0120A541F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*", "matchCriteriaId": "7D40063F-13D0-4897-AE71-1C7B617C8855", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*", "matchCriteriaId": "AC7E89C8-CF89-4FA8-A9F1-F0B415E5FE10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*", "matchCriteriaId": "4034EFE6-449D-4749-9265-B47D44AA4EC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*", "matchCriteriaId": "1F835D17-ACF9-4AE6-8C38-B74BE448B8B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*", "matchCriteriaId": "21A12676-7EBE-4D83-83BD-D46CC7A1773A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*", "matchCriteriaId": "2FB112DB-891D-4FDB-8772-2E233A39A7BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*", "matchCriteriaId": "4B3A0794-B10C-4DFD-9CAD-202CA1DC9250", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*", "matchCriteriaId": "76E86CE6-CD1C-4412-939F-B45867068D44", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*", "matchCriteriaId": "1F6896A4-16E0-46B6-B90C-5C002C526478", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*", "matchCriteriaId": "469534AB-2D0F-4B31-8121-05A792FA9332", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*", "matchCriteriaId": "C2820354-F25B-485D-9FA7-E32B38DDBB1D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.58:*:*:*:*:*:*:*", "matchCriteriaId": "EF88BEB3-9EA4-47AA-B24E-DE9AD879382A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.59:*:*:*:*:*:*:*", "matchCriteriaId": "C4209B4C-4901-4235-B35E-B0085AF1952F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.60:*:*:*:*:*:*:*", "matchCriteriaId": "5D748A69-4A93-421E-AD83-2B63B2460A2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.61:*:*:*:*:*:*:*", "matchCriteriaId": "2727A6AE-A1B6-4158-BB73-49D7C86104F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.27.62:*:*:*:*:*:*:*", "matchCriteriaId": "71F3744A-0205-4BD6-8D43-E06DCBA54C9A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*", "matchCriteriaId": "26BD805F-08EB-42EC-BC54-26A7278E5089", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*", "matchCriteriaId": "217715A5-E69D-45C0-B8E4-5681528C651B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*", "matchCriteriaId": "A87AD66C-4321-4459-8556-3B0BA38C493A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*", "matchCriteriaId": "87A347E0-9C0B-4674-9363-3C36DA27AC45", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*", "matchCriteriaId": "8E0F3DF0-6BD0-4560-9A13-C6493939D8B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*", "matchCriteriaId": "D4BE1DF7-99CB-416B-B6F9-EC40FBD7D1C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*", "matchCriteriaId": "B93AF773-FBB4-4A4A-ADD5-ADA40C24CD36", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*", "matchCriteriaId": "38A55F08-88A9-42D5-A2B1-8B8C0D6DED09", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*", "matchCriteriaId": "3975EC77-D33D-4167-91BE-08237C3EE9D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.9:*:*:*:*:*:*:*", "matchCriteriaId": "0A0F2534-C267-43D9-8365-C00CD979B052", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.28.10:*:*:*:*:*:*:*", "matchCriteriaId": "27430190-EB83-43C5-9584-4F65CF65151A", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*", "matchCriteriaId": "C386B13F-9D7C-45F8-B86A-886384144A8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*", "matchCriteriaId": "04BCABEB-DE2A-4C85-BFD5-7A1318479ECA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*", "matchCriteriaId": "A67A63E8-837E-4162-999E-3B3DAAE57C96", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*", "matchCriteriaId": "A701E87D-B807-426E-9CD4-6721DBCABE19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*", "matchCriteriaId": "66F6E506-EC0A-4784-BDA3-B7B5CD938B92", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*", "matchCriteriaId": "DBFA0277-B491-4BB1-88DC-85362F0A689C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*", "matchCriteriaId": "BE922924-6496-4D24-94A6-8EDD431A4568", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes \"garbage\" memory to be sent."}, {"lang": "es", "value": "Desbordamiento de entero en rose_sendmsg (sys/net/af_rose.c) en el kernel de Linux v2.6.24.4 y otras versiones anteriores a la 2.6.30-rc1, podr\u00eda permitir a atacantes remotos conseguir informaci\u00f3n sensible a trav\u00e9s de un valor largo, lo que causar\u00eda que la \"basura\" de la memoria fuese enviada."}], "id": "CVE-2009-1265", "lastModified": "2023-11-07T02:03:52.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-08T01:30:00.467", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://bugzilla.kernel.org/show_bug.cgi?id=10423"}, {"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=83e0bbcbe2145f160fbaa109b0439dae7f4a38a9"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00002.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/53571"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/53630"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/53631"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34981"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35011"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35121"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35185"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35387"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35390"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35394"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35656"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1787"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1794"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1800"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:119"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2009/04/08/2"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34654"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-793-1"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 4, 5, or Red Hat Enterprise MRG, as the affected driver is not enabled in these kernels.\n\nThe affected driver is available in Red Hat Enterprise Linux 3, but only if the kernel-unsupported package is installed.\n\nThis issue has been rated as having moderate security impact as it does not lead to a denial of service or privilege escalation. As Red Hat Enterprise Linux 3 is now in Production 3 of its maintenance life-cycle, http://www.redhat.com/security/updates/errata, and the affected driver can only be enabled when using the unsupported kernel-unsupported package, a fix for this issue is not currently planned to be included in the future updates.", "lastModified": "2009-06-17T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}