What is the severity of CVE-2009-4272?

CVE-2009-4272 has been classified as a high-severity vulnerability due to its potential to cause denial of service in affected systems.

How do I fix CVE-2009-4272?

To fix CVE-2009-4272, apply the relevant security patches provided by Red Hat for your version of the Linux kernel.

Which systems are affected by CVE-2009-4272?

CVE-2009-4272 affects Red Hat Enterprise Linux 5.0 and systems running the Linux kernel version 2.6.18.

What type of attack does CVE-2009-4272 enable?

CVE-2009-4272 allows remote attackers to execute a denial of service attack by sending specially crafted packets.

Is CVE-2009-4272 exploitable from remote locations?

Yes, CVE-2009-4272 can be exploited by remote attackers to cause a deadlock in the system's routing functionality.

Vulnerability/
CVE-2009-4272

high

7.8

CWE

20 667

8/12/2009

27/1/2010

7/8/2024

CVE-2009-4272: Input Validation

First published: Tue Dec 08 2009(Updated: )

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux kernel	=2.6.18
Red Hat Enterprise Linux	=5
All of
Linux Kernel	=2.6.18
Red Hat Enterprise Linux	=5.0
Red Hat Enterprise Virtualization	=5.0
Red Hat Enterprise Linux Desktop	=5.0
Red Hat Enterprise Linux Server EUS	=5.4
Red Hat Enterprise Linux Server	=5.0
Red Hat Enterprise Linux Workstation	=5.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-4272?
CVE-2009-4272 has been classified as a high-severity vulnerability due to its potential to cause denial of service in affected systems.
How do I fix CVE-2009-4272?
To fix CVE-2009-4272, apply the relevant security patches provided by Red Hat for your version of the Linux kernel.
Which systems are affected by CVE-2009-4272?
CVE-2009-4272 affects Red Hat Enterprise Linux 5.0 and systems running the Linux kernel version 2.6.18.
What type of attack does CVE-2009-4272 enable?
CVE-2009-4272 allows remote attackers to execute a denial of service attack by sending specially crafted packets.
Is CVE-2009-4272 exploitable from remote locations?
Yes, CVE-2009-4272 can be exploited by remote attackers to cause a deadlock in the system's routing functionality.

collector/nvd-historical
agent/references
agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2009-4272
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
agent/author
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/linux
canonical/linux kernel
version/linux kernel/2.6.18
vendor/redhat
canonical/red hat enterprise linux
version/red hat enterprise linux/5
version/red hat enterprise linux/5.0
canonical/red hat enterprise virtualization
version/red hat enterprise virtualization/5.0
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/5.0
canonical/red hat enterprise linux server eus
version/red hat enterprise linux server eus/5.4
canonical/red hat enterprise linux server
version/red hat enterprise linux server/5.0
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/5.0