On tiisdei 9 Juny 2009, Ben Hutchings wrote: > Package: linux-2.6 > Version: 2.6.29-5 > Severity: critical > Tags: security patch > > Some or all NICs supported by r8169 seem to ignore the buffer sizes in > RX descriptors, and will write up to the global maximum frame size. > This means a remote attacker can overflow RX buffers, probably > allowing for code injection. This should be fixed by the patch posted > in: > > http://article.gmane.org/gmane.linux.network/130114
This is CVE-2009-1389. The severity of this issue is still debated. Thijs
signature.asc
Description: This is a digitally signed message part.
