CVE-2009-4138

Medium CVSS 4.7

Overview

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.

CWE: CWE-399 Published: 2009-12-16T19:30:01.157

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 4.7 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags