CVE ID:	CVE-2009-1389
Description:	Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
Test IDs:	1.3.6.1.4.1.25623.1.0.64748   1.3.6.1.4.1.25623.1.0.64555
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1389 1023507 http://www.securitytracker.com/id?1023507 20090724 rPSA-2009-0111-1 kernel http://www.securityfocus.com/archive/1/505254/100/0/threaded 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components http://www.securityfocus.com/archive/1/507985/100/0/threaded 35265 http://secunia.com/advisories/35265 35281 http://www.securityfocus.com/bid/35281 35566 http://secunia.com/advisories/35566 35847 http://secunia.com/advisories/35847 36045 http://secunia.com/advisories/36045 36051 http://secunia.com/advisories/36051 36131 http://secunia.com/advisories/36131 36327 http://secunia.com/advisories/36327 37298 http://secunia.com/advisories/37298 37471 http://secunia.com/advisories/37471 40645 http://secunia.com/advisories/40645 ADV-2009-3316 http://www.vupen.com/english/advisories/2009/3316 ADV-2010-0219 http://www.vupen.com/english/advisories/2010/0219 ADV-2010-1857 http://www.vupen.com/english/advisories/2010/1857 DSA-1844 http://www.debian.org/security/2009/dsa-1844 DSA-1865 http://www.debian.org/security/2009/dsa-1865 FEDORA-2009-6768 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01094.html FEDORA-2009-6846 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01193.html FEDORA-2009-6883 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01048.html MDVSA-2009:148 http://www.mandriva.com/security/advisories?name=MDVSA-2009:148 RHSA-2009:1157 http://www.redhat.com/support/errata/RHSA-2009-1157.html RHSA-2009:1193 http://www.redhat.com/support/errata/RHSA-2009-1193.html SUSE-SA:2009:038 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html SUSE-SA:2010:031 http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html USN-807-1 http://www.ubuntu.com/usn/usn-807-1 [linux-kernel] 20090608 [Security, resend] Instant crash with rtl8169 and large packets http://lkml.org/lkml/2009/6/8/194 [linux-netdev] 20090214 r8169: instant crash if receiving packet larger than MTU http://marc.info/?l=linux-netdev&m=123462461713724&w=2 [oss-security] 20090610 CVE-2009-1389 kernel: r8169: fix crash when large packets are received http://www.openwall.com/lists/oss-security/2009/06/10/1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=fdd7b4c3302c93f6833e338903ea77245eb510b4 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=fdd7b4c3302c93f6833e338903ea77245eb510b4 http://support.avaya.com/css/P8/documents/100067254 http://support.avaya.com/css/P8/documents/100067254 http://support.citrix.com/article/CTX123453 http://support.citrix.com/article/CTX123453 http://wiki.rpath.com/Advisories:rPSA-2009-0111 http://wiki.rpath.com/Advisories:rPSA-2009-0111 http://www.vmware.com/security/advisories/VMSA-2009-0016.html http://www.vmware.com/security/advisories/VMSA-2009-0016.html https://bugzilla.redhat.com/show_bug.cgi?id=504726 https://bugzilla.redhat.com/show_bug.cgi?id=504726 linux-kernel-rtl8169nic-dos(51051) https://exchange.xforce.ibmcloud.com/vulnerabilities/51051 oval:org.mitre.oval:def:10415 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10415 oval:org.mitre.oval:def:8108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8108