Upstream information
Description
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing '\0' characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.NVD CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Novell/SUSE information
Novell Bugzilla entry: 567376 SUSE Security Advisories:- SUSE-SA:2010:005, published Fri, 15 Jan 2010 14:00:00 +0000
- SUSE-SA:2010:023, published Thu, 06 May 2010 13:00:00 +0000
- SUSE-SA:2010:031, published Tue, 20 Jul 2010 11:00:00 +0000
- SUSE-SA:2010:036, published Wed, 01 Sep 2010 11:00:00 +0000
- SUSE-SA:2010:046, published Thu, 23 Sep 2010 15:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit |
| sles10-sp2.s390x sles10-sp2-debuginfo.s390x ZYPP Patch Nr: 7014 |
| SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T |
| sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sled10-sp3.x86-64 ZYPP Patch Nr: 6986 |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sled10-sp3.x86-64 ZYPP Patch Nr: 6986 |
| SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise Server for SAP 10 SP3 |
| sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sled10-sp3.x86-64 ZYPP Patch Nr: 6986 |
| SUSE Linux Enterprise SDK 10 SP3 |
| sle10-sp3-sdk.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sled10-sp3.x86-64 ZYPP Patch Nr: 6986 |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sles10-sp3-debuginfo.s390x sles10-sp3.s390x ZYPP Patch Nr: 7062 |
| SUSE Linux Enterprise Server 10 SP3 |
| sles10-sp3-debuginfo.s390x sles10-sp3.s390x ZYPP Patch Nr: 7062 |
| SUSE Linux Enterprise 11 GA DEBUGINFO |
| sles11.ppc sle11-hae.ppc SAT Patch Nr: 2693 |
| SUSE Linux Enterprise High Availability Extension 11 |
| sles11.ppc sle11-hae.ppc SAT Patch Nr: 2693 |
| SUSE Linux Enterprise Server 11 GA |
| sles11.ppc sle11-hae.ppc SAT Patch Nr: 2693 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for AMD64 and Intel EM64T |
| sles10-sp2-debuginfo.x86-64 sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 ZYPP Patch Nr: 7015 |
| SUSE Linux Enterprise Server for SAP 10 SP2 |
| sles10-sp2-debuginfo.x86-64 sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 ZYPP Patch Nr: 7015 |
| SUSE Linux Enterprise SDK 10 SP2 |
| sles10-sp2-debuginfo.x86-64 sled10-sp2.x86-64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 ZYPP Patch Nr: 7015 |
| SUSE Linux Enterprise 10 SP2 DEBUGINFO for x86 |
| sled10-sp2.x86 sles10-sp2-debuginfo.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 ZYPP Patch Nr: 7011 |
| SUSE Linux Enterprise SDK 10 SP2 |
| sled10-sp2.x86 sles10-sp2-debuginfo.x86 sle10-sp2-sdk.x86 sles10-sp2.x86 ZYPP Patch Nr: 7011 |
| openSUSE 11.1 |
| |
| openSUSE 11.1 |
| |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sle10-sp3-sdk.ppc sles10-sp3.ppc sles10-sp3-debuginfo.ppc ZYPP Patch Nr: 7061 |
| SUSE Linux Enterprise SDK 10 SP3 |
| sle10-sp3-sdk.ppc sles10-sp3.ppc sles10-sp3-debuginfo.ppc ZYPP Patch Nr: 7061 |
| SUSE Linux Enterprise Server 10 SP3 |
| sle10-sp3-sdk.ppc sles10-sp3.ppc sles10-sp3-debuginfo.ppc ZYPP Patch Nr: 7061 |
| SUSE Linux Enterprise 11 GA DEBUGINFO |
| sles11.x86 sled11.x86 sle11-hae.x86 SAT Patch Nr: 2682 |
| SUSE Linux Enterprise High Availability Extension 11 |
| sles11.x86 sled11.x86 sle11-hae.x86 SAT Patch Nr: 2682 |
| SUSE Linux Enterprise Desktop 11 GA |
| sles11.x86 sled11.x86 sle11-hae.x86 SAT Patch Nr: 2682 |
| SUSE Linux Enterprise Server 11 GA |
| sles11.x86 sled11.x86 sle11-hae.x86 SAT Patch Nr: 2682 |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sles10-sp3.ia64 sles10-sp3-debuginfo.ia64 sle10-sp3-sdk.ia64 ZYPP Patch Nr: 7060 |
| SUSE Linux Enterprise SDK 10 SP3 |
| sles10-sp3.ia64 sles10-sp3-debuginfo.ia64 sle10-sp3-sdk.ia64 ZYPP Patch Nr: 7060 |
| SUSE Linux Enterprise Server 10 SP3 |
| sles10-sp3.ia64 sles10-sp3-debuginfo.ia64 sle10-sp3-sdk.ia64 ZYPP Patch Nr: 7060 |
| SUSE Linux Enterprise 11 GA DEBUGINFO |
| sle11-hae.ia64 sles11.ia64 SAT Patch Nr: 2683 |
| SUSE Linux Enterprise High Availability Extension 11 |
| sle11-hae.ia64 sles11.ia64 SAT Patch Nr: 2683 |
| SUSE Linux Enterprise Server 11 GA |
| sle11-hae.ia64 sles11.ia64 SAT Patch Nr: 2683 |
| SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T |
| sled10-sp3.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sle10-sp3-sdk.x86-64 ZYPP Patch Nr: 7063 |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sled10-sp3.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sle10-sp3-sdk.x86-64 ZYPP Patch Nr: 7063 |
| SUSE Linux Enterprise SDK 10 SP3 SUSE Linux Enterprise Server for SAP 10 SP3 |
| sled10-sp3.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sle10-sp3-sdk.x86-64 ZYPP Patch Nr: 7063 |
| SUSE Linux Enterprise SDK 10 SP3 |
| sled10-sp3.x86-64 sles10-sp3-debuginfo.x86-64 sles10-sp3.x86-64 sle10-sp3-sdk.x86-64 ZYPP Patch Nr: 7063 |
| SUSE CORE 9 for AMD64 and Intel EM64T |
| Builds YOU Patch Nr: 12814 |
| SUSE Linux Enterprise 11 GA DEBUGINFO |
| sles11.x86-64 sle11-hae.x86-64 sled11.x86-64 SAT Patch Nr: 2689 |
| SUSE Linux Enterprise High Availability Extension 11 |
| sles11.x86-64 sle11-hae.x86-64 sled11.x86-64 SAT Patch Nr: 2689 |
| SUSE Linux Enterprise Desktop 11 GA |
| sles11.x86-64 sle11-hae.x86-64 sled11.x86-64 SAT Patch Nr: 2689 |
| SUSE Linux Enterprise Server 11 GA |
| sles11.x86-64 sle11-hae.x86-64 sled11.x86-64 SAT Patch Nr: 2689 |
| SUSE Linux Enterprise Desktop 10 SP3 for x86 |
| sled10-sp3.x86 sle10-sp3-sdk.x86 sles10-sp3.x86 sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7059 |
| SUSE Linux Enterprise Server 10 SP3 DEBUGINFO |
| sled10-sp3.x86 sle10-sp3-sdk.x86 sles10-sp3.x86 sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7059 |
| SUSE Linux Enterprise SDK 10 SP3 |
| sled10-sp3.x86 sle10-sp3-sdk.x86 sles10-sp3.x86 sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7059 |
| SUSE Linux Enterprise Server 10 SP3 |
| sled10-sp3.x86 sle10-sp3-sdk.x86 sles10-sp3.x86 sles10-sp3-debuginfo.x86 ZYPP Patch Nr: 7059 |
| openSUSE 11.2 |
| |
| openSUSE 11.2 |
| |
| Open Enterprise Server |
| sles9-oes.x86 YOU Patch Nr: 12637 |
| SUSE Linux Enterprise SDK 10 SP2 |
| sles10-sp2-debuginfo.ia64 sle10-sp2-sdk.ia64 sles10-sp2.ia64 ZYPP Patch Nr: 7012 |
| SUSE Linux Enterprise SDK 10 SP2 |
| sles10-sp2-debuginfo.ppc sle10-sp2-sdk.ppc sles10-sp2.ppc ZYPP Patch Nr: 7013 |
| SUSE Linux Enterprise 11 GA DEBUGINFO |
| sles11.s390x sle11-hae.s390x SAT Patch Nr: 2687 |
| SUSE Linux Enterprise High Availability Extension 11 |
| sles11.s390x sle11-hae.s390x SAT Patch Nr: 2687 |
| SUSE Linux Enterprise Server 11 GA |
| sles11.s390x sle11-hae.s390x SAT Patch Nr: 2687 |