CVE-2009-4138

Publication date 16 December 2009

Last updated 24 July 2024

drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	9.10 karmic	Fixed 2.6.31-19.56
	9.04 jaunty	Fixed 2.6.28-18.59
	8.10 intrepid	Fixed 2.6.27-17.45
	8.04 LTS hardy	Fixed 2.6.24-27.65
	6.06 LTS dapper	Not in release
linux-source-2.6.15	9.10 karmic	Not in release
	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-894-1
Linux kernel vulnerabilities
5 February 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2009-4138