Unrated severityNVD Advisory· Published Sep 15, 2009· Updated Apr 23, 2026

CVE-2009-2903

Description

Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp"N" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: >=2.4.0,<=2.4.37.6
SUSE S.A./Linux Enterprise Debuginfo2 versions
cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Desktop2 versions
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Server3 versions
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
SUSE S.A./Linux Enterprise Software Development Kit2 versions
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp3:*:*:*:*:*:*
Canonical/Ubuntu Linux4 versions
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.htmlnvdMailing ListThird Party Advisory
secunia.com/advisories/36707nvdThird Party Advisory
secunia.com/advisories/37105nvdThird Party Advisory
secunia.com/advisories/37909nvdThird Party Advisory
www.mandriva.com/security/advisoriesnvdThird Party Advisory
www.openwall.com/lists/oss-security/2009/09/14/1nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2009/09/14/2nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2009/09/17/11nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/36379nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-852-1nvdThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000