Vulnerability-Lookup

CVE-2009-2844 (GCVE-0-2009-2844)

Vulnerability from cvelistv5 – Published: 2009-08-18 20:41 – Updated: 2024-08-07 06:07

Summary

cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

7 references

URL	Tags
http://secunia.com/advisories/36278	third-party-advisoryx_refsource_SECUNIA
http://jon.oberheide.org/files/cfg80211-remote-dos.c	x_refsource_MISC
http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2009/08/17/2	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/08/17/1	mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/36052	vdb-entryx_refsource_BID
http://www.kernel.org/pub/linux/kernel/v2.6/Chang…	x_refsource_CONFIRM

Date Public

2009-07-29 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:07:37.259Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36278",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36278"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e"
          },
          {
            "name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
          },
          {
            "name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
          },
          {
            "name": "36052",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36052"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-08-29T09:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "36278",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36278"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e"
        },
        {
          "name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
        },
        {
          "name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
        },
        {
          "name": "36052",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36052"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2844",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36278",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36278"
            },
            {
              "name": "http://jon.oberheide.org/files/cfg80211-remote-dos.c",
              "refsource": "MISC",
              "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e"
            },
            {
              "name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
            },
            {
              "name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
            },
            {
              "name": "36052",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36052"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-2844",
    "datePublished": "2009-08-18T20:41:00.000Z",
    "dateReserved": "2009-08-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T06:07:37.259Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2009-2844",
      "date": "2026-06-06",
      "epss": "0.01735",
      "percentile": "0.8284"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-2844\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-08-18T21:00:00.313\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.\"},{\"lang\":\"es\",\"value\":\"cfg80211 en el archivo net/wireless/scan.c en el kernel de Linux versi\u00f3n 2.6.30-rc1 y otras versiones anteriores a 2.6.31-rc6,  permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de una secuencia de tramas beacon en los que una trama omite un Elemento de Informaci\u00f3n (IE) SSID y la trama posterior contiene un IE SSID, que desencadena una desreferencia de un puntero NULL en la funci\u00f3n cmp_ies. NOTA: tambi\u00e9n se abord\u00f3 una potencial debilidad en la funci\u00f3n is_mesh, pero la condici\u00f3n relevante no exist\u00eda en el c\u00f3digo, por lo que no es una vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1760FDC9-BB79-4299-8A6D-482085EE5BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56EEB157-5037-4EAD-8625-35B91B167111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.16.31\",\"matchCriteriaId\":\"6277DB43-CBB1-4E4A-B071-0D82CE293F3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC560CC-F785-42D5-A25B-1BA02E7AC464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142BCD48-8387-4D0C-A052-44DD4144CBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8220D81-9065-471F-9256-CFE7B9941555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDE1E92-C64D-4A3B-95A2-384BD772B28B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D90502F-EC45-4ADC-9428-B94346DA660B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CD39A7A-9172-4B85-B8FE-CEB94207A897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F5C369-6BFB-445F-AA8B-6F6FA7C33EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81DE32C2-5B07-4812-9F88-000F5FB000C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02EED3D5-8F89-4B7F-A34B-52274B1A754F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F87AA89-F377-4BEB-B69F-809F5DA6176C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C27AF62E-A026-43E9-89E6-CD807CE9DF51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79C2AE0E-DAE8-4443-B33F-6ABA9019AA88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D343B121-C007-49F8-9DE8-AA05CE58FF0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7936B7EE-9CD1-4698-AD67-C619D0171A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1A2AA2D-5183-4C49-A59D-AEB7D9B5A69E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0370A2-0A23-4E34-A2AC-8D87D051B0B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5738D628-0B2D-4F56-9427-2009BFCB6C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F43EBCB4-FCF4-479A-A44D-D913F7F09C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860F9225-8A3F-492C-B72B-5EFFB322802C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E23724-2CA4-4211-BB83-38661BE7E6AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6143DC1F-D62E-4DB2-AF43-30A07413D68B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"298266AB-2A36-4606-BF80-2185FC56C4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C2658CA-56C2-494F-AC42-618EC413CBDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD34526D-F2CC-44C5-991D-B1E41C327860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F0B900-34E9-4545-B7AE-AF0A4363EACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B36F432D-FED1-4B8D-A458-BEDEEF306AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25379B32-D898-4E44-A740-978A129B5E05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B90F8F2-9549-413D-9676-3EF634D832B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"915E64EF-6EEC-4DE2-A285-5F3FCE389645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"585BEE46-088A-494E-8E18-03F33F6BBEA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFF35478-B292-4A00-B985-CEEDE8B212C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E85846A-61BE-4896-B4A6-42A7E1DBA515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6E3B925-031D-4F6D-915A-A16F0FFA878C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7344B707-6145-48BA-8BC9-9B140A260BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFCEA98-C708-4E1E-B189-E6F96D28F07A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B753112-CCDE-4870-AA97-4AAA2946421A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79B3AFE7-F4FF-4144-9046-E5926E305A03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7616E197-ACCA-4191-A513-FD48417C7F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EE2F94D-E8E0-4BB7-A910-378012580025\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F5AE3B-B701-4579-B44A-0F7A4267852E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E60197-56C3-485C-9609-B1C4A0E0FCB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E452E4-45A9-4469-BF69-F40B6598F0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5751AC4-A60F-42C6-88E5-FC8CFEE6F696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"795C3B17-687E-4F33-AA99-8FEC16F14693\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B81A4DD-2ADE-4455-B517-5E4E0532D5A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BD589CC-666B-4FAA-BCF0-91C484BDDB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD622EE-A840-42E1-B6BF-4AA27D039B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"900D6742-DE0F-45C5-A812-BF84088CB02A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"225CA94C-8C84-4FA6-95D0-160A0016FBFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88ED3C4-64C5-44B2-9F23-E16087046C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FB31E5-190C-489A-AB30-910D2CC854F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF4A781A-4A41-466F-8426-10B40CF8BA1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED29B3F-456B-4767-8E59-8C19A3B7E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6316369-B54A-4E59-A022-E0610353B284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073C3CE0-E12D-4545-8460-5A1514271D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEB33DEA-13C7-4B36-AB8A-ED680679A071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86DD0FCC-BB12-410D-8C82-AB99C7C5311E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83700989-8820-48DA-A9FE-6A77DF1E8439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC9F4CEC-7781-468B-B460-4F487B7C6601\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67C75A62-8807-4821-9362-1E0D63C0A1B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"894D4812-D62F-489E-8D0E-5E9468CE8EC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F92E01-4F08-4364-9E87-FFBC095E32E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC36074C-C310-4341-8B3C-BB34E572BF94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCC155A-C68C-44A8-8C44-7979C9889C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"040EBFDA-7F8D-428F-BB69-BB1B52BB868B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E703D2-8CC9-421A-9728-75E8FCFB4FE6\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jon.oberheide.org/files/cfg80211-remote-dos.c\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/36278\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/17/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/17/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/36052\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://jon.oberheide.org/files/cfg80211-remote-dos.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/36278\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/17/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/17/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/36052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG.\\n\\nPlease note this issue only affected Linux kernel versions after v2.6.30-rc1 and was fixed in v2.6.31-rc6.\",\"lastModified\":\"2009-08-19T00:00:00\"}]}}"
  }
}

FKIE_CVE-2009-2844

Vulnerability from fkie_nvd - Published: 2009-08-18 21:00 - Updated: 2026-04-23 00:35

Severity

Summary

References

URL	Tags
cve@mitre.org	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e
cve@mitre.org	http://jon.oberheide.org/files/cfg80211-remote-dos.c	Patch
cve@mitre.org	http://secunia.com/advisories/36278
cve@mitre.org	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/08/17/1	Patch
cve@mitre.org	http://www.openwall.com/lists/oss-security/2009/08/17/2	Patch
cve@mitre.org	http://www.securityfocus.com/bid/36052
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e
af854a3a-2127-422b-91ae-364da2661108	http://jon.oberheide.org/files/cfg80211-remote-dos.c	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36278
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/08/17/1	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2009/08/17/2	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36052

Impacted products

Vendor	Product	Version
linux	kernel	2.6.24.7
linux	kernel	2.6.25.15
linux	linux_kernel	*
linux	linux_kernel	2.6
linux	linux_kernel	2.6.0
linux	linux_kernel	2.6.1
linux	linux_kernel	2.6.10
linux	linux_kernel	2.6.11
linux	linux_kernel	2.6.11.1
linux	linux_kernel	2.6.11.2
linux	linux_kernel	2.6.11.3
linux	linux_kernel	2.6.11.4
linux	linux_kernel	2.6.11.5
linux	linux_kernel	2.6.11.6
linux	linux_kernel	2.6.11.7
linux	linux_kernel	2.6.11.8
linux	linux_kernel	2.6.11.9
linux	linux_kernel	2.6.11.10
linux	linux_kernel	2.6.11.11
linux	linux_kernel	2.6.11.12
linux	linux_kernel	2.6.12
linux	linux_kernel	2.6.12.1
linux	linux_kernel	2.6.12.2
linux	linux_kernel	2.6.12.3
linux	linux_kernel	2.6.12.4
linux	linux_kernel	2.6.12.5
linux	linux_kernel	2.6.12.6
linux	linux_kernel	2.6.13
linux	linux_kernel	2.6.13.1
linux	linux_kernel	2.6.13.2
linux	linux_kernel	2.6.13.3
linux	linux_kernel	2.6.13.4
linux	linux_kernel	2.6.13.5
linux	linux_kernel	2.6.14
linux	linux_kernel	2.6.14.1
linux	linux_kernel	2.6.14.2
linux	linux_kernel	2.6.14.3
linux	linux_kernel	2.6.14.4
linux	linux_kernel	2.6.14.5
linux	linux_kernel	2.6.14.6
linux	linux_kernel	2.6.14.7
linux	linux_kernel	2.6.15
linux	linux_kernel	2.6.15.1
linux	linux_kernel	2.6.15.2
linux	linux_kernel	2.6.15.3
linux	linux_kernel	2.6.15.4
linux	linux_kernel	2.6.15.5
linux	linux_kernel	2.6.15.6
linux	linux_kernel	2.6.15.7
linux	linux_kernel	2.6.16
linux	linux_kernel	2.6.16.1
linux	linux_kernel	2.6.16.2
linux	linux_kernel	2.6.16.3
linux	linux_kernel	2.6.16.10
linux	linux_kernel	2.6.16.11
linux	linux_kernel	2.6.16.12
linux	linux_kernel	2.6.16.13
linux	linux_kernel	2.6.16.14
linux	linux_kernel	2.6.16.15
linux	linux_kernel	2.6.16.16
linux	linux_kernel	2.6.16.17
linux	linux_kernel	2.6.16.18
linux	linux_kernel	2.6.16.19
linux	linux_kernel	2.6.16.20
linux	linux_kernel	2.6.16.21
linux	linux_kernel	2.6.16.22
linux	linux_kernel	2.6.16.23
linux	linux_kernel	2.6.16.24
linux	linux_kernel	2.6.16.25
linux	linux_kernel	2.6.16.26
linux	linux_kernel	2.6.16.27
linux	linux_kernel	2.6.16.28
linux	linux_kernel	2.6.16.29
linux	linux_kernel	2.6.16.30
linux	linux_kernel	2.6.16.31
linux	linux_kernel	2.6.16.31
linux	linux_kernel	2.6.16.31
linux	linux_kernel	2.6.16.31
linux	linux_kernel	2.6.16.31

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1760FDC9-BB79-4299-8A6D-482085EE5BD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "56EEB157-5037-4EAD-8625-35B91B167111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*",
              "matchCriteriaId": "6277DB43-CBB1-4E4A-B071-0D82CE293F3F",
              "versionEndIncluding": "2.6.16.31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CD39A7A-9172-4B85-B8FE-CEB94207A897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F5C369-6BFB-445F-AA8B-6F6FA7C33EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "81DE32C2-5B07-4812-9F88-000F5FB000C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EED3D5-8F89-4B7F-A34B-52274B1A754F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F87AA89-F377-4BEB-B69F-809F5DA6176C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27AF62E-A026-43E9-89E6-CD807CE9DF51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "79C2AE0E-DAE8-4443-B33F-6ABA9019AA88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D343B121-C007-49F8-9DE8-AA05CE58FF0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7936B7EE-9CD1-4698-AD67-C619D0171A88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A2AA2D-5183-4C49-A59D-AEB7D9B5A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A0370A2-0A23-4E34-A2AC-8D87D051B0B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "5738D628-0B2D-4F56-9427-2009BFCB6C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F43EBCB4-FCF4-479A-A44D-D913F7F09C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C7BF3B2-CCD1-4D39-AE9C-AB24ABA57447",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "860F9225-8A3F-492C-B72B-5EFFB322802C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "19DFB4EF-EA1F-4680-9D97-2FDFAA4B4A25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E23724-2CA4-4211-BB83-38661BE7E6AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0688B3F-F8F2-4C62-B7A3-08F9FDCE7A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3896C4A6-C2F6-47CE-818A-7EB3DBF15BC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6143DC1F-D62E-4DB2-AF43-30A07413D68B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "298266AB-2A36-4606-BF80-2185FC56C4D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C2658CA-56C2-494F-AC42-618EC413CBDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD34526D-F2CC-44C5-991D-B1E41C327860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2F0B900-34E9-4545-B7AE-AF0A4363EACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B36F432D-FED1-4B8D-A458-BEDEEF306AB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5220F0FE-C4CC-4E75-A16A-4ADCABA7E8B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25379B32-D898-4E44-A740-978A129B5E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B90F8F2-9549-413D-9676-3EF634D832B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "915E64EF-6EEC-4DE2-A285-5F3FCE389645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "585BEE46-088A-494E-8E18-03F33F6BBEA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF35478-B292-4A00-B985-CEEDE8B212C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E85846A-61BE-4896-B4A6-42A7E1DBA515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E3B925-031D-4F6D-915A-A16F0FFA878C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7344B707-6145-48BA-8BC9-9B140A260BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BFCEA98-C708-4E1E-B189-E6F96D28F07A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B753112-CCDE-4870-AA97-4AAA2946421A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "79B3AFE7-F4FF-4144-9046-E5926E305A03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7616E197-ACCA-4191-A513-FD48417C7F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED1AA7FC-F5B9-406C-ABE4-0BE5E9889619",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE2F94D-E8E0-4BB7-A910-378012580025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F5AE3B-B701-4579-B44A-0F7A4267852E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E60197-56C3-485C-9609-B1C4A0E0FCB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E452E4-45A9-4469-BF69-F40B6598F0EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5751AC4-A60F-42C6-88E5-FC8CFEE6F696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF886A6-7E73-47AD-B6A5-A9EC5BEDCD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "795C3B17-687E-4F33-AA99-8FEC16F14693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2BDD5C7-9B6A-41B5-8679-5062B8A6E11B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "190D5E2C-AD60-41F4-B29D-FB8EA8CB5FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B81A4DD-2ADE-4455-B517-5E4E0532D5A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BD589CC-666B-4FAA-BCF0-91C484BDDB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD622EE-A840-42E1-B6BF-4AA27D039B12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "900D6742-DE0F-45C5-A812-BF84088CB02A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "225CA94C-8C84-4FA6-95D0-160A0016FBFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "D88ED3C4-64C5-44B2-9F23-E16087046C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "03FB31E5-190C-489A-AB30-910D2CC854F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF4A781A-4A41-466F-8426-10B40CF8BA1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED29B3F-456B-4767-8E59-8C19A3B7E1D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6316369-B54A-4E59-A022-E0610353B284",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "073C3CE0-E12D-4545-8460-5A1514271D50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "670FAA25-A86F-4E04-A3A0-0B3FF6CF9C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEB33DEA-13C7-4B36-AB8A-ED680679A071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "86DD0FCC-BB12-410D-8C82-AB99C7C5311E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "83700989-8820-48DA-A9FE-6A77DF1E8439",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC9F4CEC-7781-468B-B460-4F487B7C6601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C75A62-8807-4821-9362-1E0D63C0A1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "894D4812-D62F-489E-8D0E-5E9468CE8EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F92E01-4F08-4364-9E87-FFBC095E32E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1:*:*:*:*:*:*",
              "matchCriteriaId": "EC36074C-C310-4341-8B3C-BB34E572BF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2:*:*:*:*:*:*",
              "matchCriteriaId": "ECCC155A-C68C-44A8-8C44-7979C9889C34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3:*:*:*:*:*:*",
              "matchCriteriaId": "040EBFDA-7F8D-428F-BB69-BB1B52BB868B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4:*:*:*:*:*:*",
              "matchCriteriaId": "69E703D2-8CC9-421A-9728-75E8FCFB4FE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
    },
    {
      "lang": "es",
      "value": "cfg80211 en el archivo net/wireless/scan.c en el kernel de Linux versi\u00f3n 2.6.30-rc1 y otras versiones anteriores a 2.6.31-rc6,  permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) por medio de una secuencia de tramas beacon en los que una trama omite un Elemento de Informaci\u00f3n (IE) SSID y la trama posterior contiene un IE SSID, que desencadena una desreferencia de un puntero NULL en la funci\u00f3n cmp_ies. NOTA: tambi\u00e9n se abord\u00f3 una potencial debilidad en la funci\u00f3n is_mesh, pero la condici\u00f3n relevante no exist\u00eda en el c\u00f3digo, por lo que no es una vulnerabilidad."
    }
  ],
  "id": "CVE-2009-2844",
  "lastModified": "2026-04-23T00:35:47.467",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-08-18T21:00:00.313",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36278"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36052"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG.\n\nPlease note this issue only affected Linux kernel versions after v2.6.30-rc1 and was fixed in v2.6.31-rc6.",
      "lastModified": "2009-08-19T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-H6CM-XHVP-X8JM

Vulnerability from github – Published: 2022-05-02 03:39 – Updated: 2025-04-09 04:13

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-2844"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-08-18T21:00:00Z",
    "severity": "HIGH"
  },
  "details": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.",
  "id": "GHSA-h6cm-xhvp-x8jm",
  "modified": "2025-04-09T04:13:04Z",
  "published": "2022-05-02T03:39:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2844"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e"
    },
    {
      "type": "WEB",
      "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36278"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36052"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2009-2844

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-2844

Aliases

CVE-2009-2844

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-2844",
    "description": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.",
    "id": "GSD-2009-2844",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-2844.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-2844"
      ],
      "details": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.",
      "id": "GSD-2009-2844",
      "modified": "2023-12-13T01:19:46.225947Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-2844",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "36278",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36278"
          },
          {
            "name": "http://jon.oberheide.org/files/cfg80211-remote-dos.c",
            "refsource": "MISC",
            "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
          },
          {
            "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e"
          },
          {
            "name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
          },
          {
            "name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
          },
          {
            "name": "36052",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/36052"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5",
            "refsource": "CONFIRM",
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.6.16.31",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2844"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function.  NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://jon.oberheide.org/files/cfg80211-remote-dos.c",
              "refsource": "MISC",
              "tags": [
                "Patch"
              ],
              "url": "http://jon.oberheide.org/files/cfg80211-remote-dos.c"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit"
              ],
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e"
            },
            {
              "name": "[oss-security] 20090817 Re: CVE request: kernel: cfg80211: missing NULL pointer checks",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2009/08/17/2"
            },
            {
              "name": "[oss-security] 20090817 CVE request: kernel: cfg80211: missing NULL pointer checks",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2009/08/17/1"
            },
            {
              "name": "36278",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36278"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5"
            },
            {
              "name": "36052",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/36052"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2012-03-19T04:00Z",
      "publishedDate": "2009-08-18T21:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-2844 (GCVE-0-2009-2844)

FKIE_CVE-2009-2844

GHSA-H6CM-XHVP-X8JM

GSD-2009-2844

Tags

Sightings

Nomenclature