DOE-CIRC TECHNICAL BULLETIN

T-172: Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability

June 29, 2009 21:00 GMT

PROBLEM: The Linux kernel is vulnerable to a denial of service attack.
PLATFORM:
  RedHat Fedora 9 0
  RedHat Fedora 11
  RedHat Fedora 10
  MandrakeSoft Linux Mandrake 2009.0 x86_64
  MandrakeSoft Linux Mandrake 2009.0
  Linux Kernel 2.6.1 through 2.6.29
    + Trustix Secure Enterprise Linux 2.0
    + Trustix Secure Linux 2.2
    + Trustix Secure Linux 2.1
    + Trustix Secure Linux 2.0
    + Ubuntu Ubuntu Linux 4.1 ppc
    + Ubuntu Ubuntu Linux 4.1 ia64
    + Ubuntu Ubuntu Linux 4.1 ia32
    + S.u.S.E. Linux Personal 9.2 x86_64
    + S.u.S.E. Linux Personal 9.2
  Intel e1000 Driver 7.4.35
ABSTRACT: The Linux kernel is prone to a remote denial-of-service vulnerability due to a design flaw in a kernel network interface driver.

LINKS:
  DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-172.shtml
  OTHER LINKS:
    Security Focus: http://www.securityfocus.com/bid/35185/
    SourceForge: http://sourceforge.net
    Git.Kernel: http://git.kernel.org
    Kernel.org: http://www.kernel.org
    Intel: http://www.intel.com/support/network/sb/CS-030543.htm

  CVE: CVE-2009-1385

IMPACT ASSESSMENT: The risk is medium. The issue allows denial of service, and the affected software is widely used throughout the DOE complex.

Discussion:
The Linux kernel is prone to a remote denial-of-service vulnerability due to a design flaw in a kernel network interface driver. 

Attackers can exploit this issue via crafted packets to cause a kernel panic, denying service to legitimate users.

Currently we are not aware of any working exploits.

Updates to correct the design flaw are now available.

DOE-CIRC wishes to acknowledge the contributions of Neil Horman for the information contained in this bulletin.
DOE-CIRC services are available to DOE, DOE Contractors, and the NIH. DOE-CIRC can be contacted at:
    Voice:          866-941-2472
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov


UCRL-MI-119788