CVE-2009-4067

Опубликовано: 29 окт. 2009

Источник: redhat

CVSS2: 6.2

EPSS Низкий

Описание

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Отчет

This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG as the affected code has been removed. It was addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1386.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 4	kernel	Will not fix
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected
Red Hat Enterprise Linux 5	kernel	Fixed	RHSA-2011:1386	20.10.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=722393kernel: usb: buffer overflow in auerswald_probe()

EPSS

Процентиль: 59%

0.00393

Низкий

6.2 Medium

CVSS2

Связанные уязвимости

CVE-2009-4067

CVSS3: 6.8

ubuntu

больше 5 лет назад

CVE-2009-4067

CVSS3: 6.8

nvd

больше 5 лет назад

CVE-2009-4067

CVSS3: 6.8

debian

больше 5 лет назад

Buffer overflow in the auerswald_probe function in the Auerswald Linux ...

GHSA-p3pg-j7qj-fx26

github

около 3 лет назад

ELSA-2011-1386

oracle-oval

больше 13 лет назад

ELSA-2011-1386: kernel security, bug fix, and enhancement update (IMPORTANT)

EPSS

Процентиль: 59%

0.00393

Низкий

6.2 Medium

CVSS2