Home > Vulnerability Database > CVE-2009-2903

Mend.io Vulnerability Database

CVE-2009-2903

Good to know:

Date: September 15, 2009

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

Language: C

Severity Score

8.8

Related Resources (18)

Url: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html

Url: http://secunia.com/advisories/36707

Url: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html

Url: http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html

Url: https://bugzilla.redhat.com/show_bug.cgi?id=522331

Url: http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414

Url: http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html

Url: http://secunia.com/advisories/37105

Url: http://www.openwall.com/lists/oss-security/2009/09/17/11

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:329

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-2903

Url: http://www.securityfocus.com/bid/36379

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-2903

Url: http://www.ubuntu.com/usn/USN-852-1

Url: http://www.openwall.com/lists/oss-security/2009/09/14/1

Url: http://secunia.com/advisories/37909

Url: http://www.openwall.com/lists/oss-security/2009/09/14/2

Url: https://www.mend.io/vulnerability-database/CVE-2009-2903

Severity Score

8.8

Weakness Type (CWE)

Resource Management Errors

CWE-399

Missing Release of Resource after Effective Lifetime

CWE-772

Top Fix

Upgrade Version

Upgrade to version v2.6.32-rc1

Learn More

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.1
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-2903

Good to know:

Date: September 15, 2009

Language: C

Severity Score

Related Resources (18)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?