CVE-2009-2844: Null Pointer Dereference
First published: Tue Aug 18 2009(Updated: )
cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | =2.6.11 | |
| Linux Linux kernel | =2.6.16.16 | |
| Linux Linux kernel | =2.6.11.2 | |
| Linux Linux kernel | =2.6.15.3 | |
| Linux Linux kernel | =2.6.11.10 | |
| Linux Linux kernel | =2.6.1 | |
| Linux Linux kernel | =2.6.14.7 | |
| Linux Linux kernel | =2.6.13 | |
| Linux Linux kernel | =2.6.13.3 | |
| Linux Linux kernel | =2.6.11.8 | |
| Linux Linux kernel | =2.6.14.4 | |
| Linux Linux kernel | =2.6.14 | |
| Linux Linux kernel | =2.6.16.31--rc3 | |
| Linux Linux kernel | =2.6.16.18 | |
| Linux Linux kernel | =2.6.10 | |
| Linux Linux kernel | =2.6.14.3 | |
| Linux Linux kernel | =2.6.11.6 | |
| Linux Linux kernel | =2.6.11.11 | |
| Linux Linux kernel | =2.6.16.13 | |
| Linux Linux kernel | =2.6.16.15 | |
| Linux Linux kernel | =2.6.15.6 | |
| Linux Linux kernel | =2.6.15.1 | |
| Linux Linux kernel | =2.6.11.5 | |
| Linux Linux kernel | =2.6.16.1 | |
| Linux Linux kernel | =2.6.14.5 | |
| Linux Linux kernel | =2.6.13.2 | |
| Linux Linux kernel | =2.6.13.5 | |
| Linux Linux kernel | =2.6.16.11 | |
| Linux Linux kernel | =2.6.16.14 | |
| Linux Linux kernel | =2.6.16.25 | |
| Linux Linux kernel | =2.6.16.21 | |
| Linux Linux kernel | =2.6.16.28 | |
| Linux Linux kernel | =2.6.14.1 | |
| Linux Linux kernel | =2.6.16.23 | |
| Linux Linux kernel | =2.6.12.5 | |
| Linux Linux kernel | =2.6.15.7 | |
| Linux Linux kernel | =2.6.16.3 | |
| Linux Linux kernel | =2.6.14.6 | |
| Linux Linux kernel | =2.6.12.1 | |
| Linux Linux kernel | =2.6.11.9 | |
| Linux Linux kernel | =2.6.0 | |
| Linux Linux kernel | =2.6.13.4 | |
| Linux Linux kernel | =2.6.12.2 | |
| Linux Linux kernel | =2.6.16.31 | |
| Linux Linux kernel | =2.6.16.26 | |
| Linux Linux kernel | =2.6.16.29 | |
| Linux Linux kernel | =2.6.16 | |
| Linux Linux kernel | =2.6.15.2 | |
| Linux Linux kernel | =2.6.16.22 | |
| Linux Linux kernel | =2.6.16.10 | |
| Linux Linux kernel | =2.6.12.4 | |
| Linux Linux kernel | =2.6.11.3 | |
| Linux Linux kernel | =2.6.16.24 | |
| Linux Linux kernel | =2.6.16.31--rc2 | |
| Linux kernel | =2.6.24.7 | |
| Linux Linux kernel | =2.6.12.3 | |
| Linux Linux kernel | =2.6.16.30 | |
| Linux Linux kernel | =2.6.15.4 | |
| Linux Linux kernel | =2.6.16.17 | |
| Linux Linux kernel | =2.6.16.12 | |
| Linux Linux kernel | =2.6.16.31--rc1 | |
| Linux Linux kernel | =2.6.16.27 | |
| Linux Linux kernel | =2.6.12.6 | |
| Linux Linux kernel | <=2.6.16.31 | |
| Linux Linux kernel | =2.6.11.7 | |
| Linux Linux kernel | =2.6.16.2 | |
| Linux Linux kernel | =2.6.15 | |
| Linux kernel | =2.6.25.15 | |
| Linux Linux kernel | =2.6.14.2 | |
| Linux Linux kernel | =2.6.11.4 | |
| Linux Linux kernel | =2.6.16.19 | |
| Linux Linux kernel | =2.6.11.12 | |
| Linux Linux kernel | =2.6.16.20 | |
| Linux Linux kernel | =2.6.15.5 | |
| Linux Linux kernel | =2.6.11.1 | |
| Linux Linux kernel | =2.6.16.31--rc4 | |
| Linux Linux kernel | =2.6.13.1 | |
| Linux Linux kernel | =2.6 | |
| Linux Linux kernel | =2.6.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://jon.oberheide.org/files/cfg80211-remote-dos.c
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cd3468bad96c00b5a512f551674f36776129520e
- http://www.openwall.com/lists/oss-security/2009/08/17/2
- http://www.openwall.com/lists/oss-security/2009/08/17/1
- http://secunia.com/advisories/36278
- http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.5
- http://www.securityfocus.com/bid/36052
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=cd3468bad96c00b5a512f551674f36776129520e
- collector/nvd-historical
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/2.6.11
- version/linux linux kernel/2.6.16.16
- version/linux linux kernel/2.6.11.2
- version/linux linux kernel/2.6.15.3
- version/linux linux kernel/2.6.11.10
- version/linux linux kernel/2.6.1
- version/linux linux kernel/2.6.14.7
- version/linux linux kernel/2.6.13
- version/linux linux kernel/2.6.13.3
- version/linux linux kernel/2.6.11.8
- version/linux linux kernel/2.6.14.4
- version/linux linux kernel/2.6.14
- version/linux linux kernel/2.6.16.31--rc3
- version/linux linux kernel/2.6.16.18
- version/linux linux kernel/2.6.10
- version/linux linux kernel/2.6.14.3
- version/linux linux kernel/2.6.11.6
- version/linux linux kernel/2.6.11.11
- version/linux linux kernel/2.6.16.13
- version/linux linux kernel/2.6.16.15
- version/linux linux kernel/2.6.15.6
- version/linux linux kernel/2.6.15.1
- version/linux linux kernel/2.6.11.5
- version/linux linux kernel/2.6.16.1
- version/linux linux kernel/2.6.14.5
- version/linux linux kernel/2.6.13.2
- version/linux linux kernel/2.6.13.5
- version/linux linux kernel/2.6.16.11
- version/linux linux kernel/2.6.16.14
- version/linux linux kernel/2.6.16.25
- version/linux linux kernel/2.6.16.21
- version/linux linux kernel/2.6.16.28
- version/linux linux kernel/2.6.14.1
- version/linux linux kernel/2.6.16.23
- version/linux linux kernel/2.6.12.5
- version/linux linux kernel/2.6.15.7
- version/linux linux kernel/2.6.16.3
- version/linux linux kernel/2.6.14.6
- version/linux linux kernel/2.6.12.1
- version/linux linux kernel/2.6.11.9
- version/linux linux kernel/2.6.0
- version/linux linux kernel/2.6.13.4
- version/linux linux kernel/2.6.12.2
- version/linux linux kernel/2.6.16.31
- version/linux linux kernel/2.6.16.26
- version/linux linux kernel/2.6.16.29
- version/linux linux kernel/2.6.16
- version/linux linux kernel/2.6.15.2
- version/linux linux kernel/2.6.16.22
- version/linux linux kernel/2.6.16.10
- version/linux linux kernel/2.6.12.4
- version/linux linux kernel/2.6.11.3
- version/linux linux kernel/2.6.16.24
- version/linux linux kernel/2.6.16.31--rc2
- canonical/linux kernel
- version/linux kernel/2.6.24.7
- version/linux linux kernel/2.6.12.3
- version/linux linux kernel/2.6.16.30
- version/linux linux kernel/2.6.15.4
- version/linux linux kernel/2.6.16.17
- version/linux linux kernel/2.6.16.12
- version/linux linux kernel/2.6.16.31--rc1
- version/linux linux kernel/2.6.16.27
- version/linux linux kernel/2.6.12.6
- version/linux linux kernel/2.6.11.7
- version/linux linux kernel/2.6.16.2
- version/linux linux kernel/2.6.15
- version/linux kernel/2.6.25.15
- version/linux linux kernel/2.6.14.2
- version/linux linux kernel/2.6.11.4
- version/linux linux kernel/2.6.16.19
- version/linux linux kernel/2.6.11.12
- version/linux linux kernel/2.6.16.20
- version/linux linux kernel/2.6.15.5
- version/linux linux kernel/2.6.11.1
- version/linux linux kernel/2.6.16.31--rc4
- version/linux linux kernel/2.6.13.1
- version/linux linux kernel/2.6
- version/linux linux kernel/2.6.12