High severity7.5NVD Advisory· Published Jan 27, 2010· Updated Apr 29, 2026
CVE-2009-4272
CVE-2009-4272
Description
A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash chain is too long. NOTE: this is related to an issue in the Linux kernel before 2.6.31, when the kernel routing cache is disabled, involving an uninitialized pointer and a panic.
Affected products
6- cpe:2.3:a:redhat:virtualization:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:5.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- bugzilla.redhat.com/show_bug.cginvdExploitIssue Tracking
- support.avaya.com/css/P8/documents/100073666nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/55808nvdThird Party AdvisoryVDB Entry
- rhn.redhat.com/errata/RHSA-2010-0046.htmlnvdVendor Advisory
- rhn.redhat.com/errata/RHSA-2010-0095.htmlnvdVendor Advisory
- www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31nvdBroken Link
- www.openwall.com/lists/oss-security/2010/01/20/1nvdMailing List
- www.openwall.com/lists/oss-security/2010/01/20/6nvdMailing List
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11167nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7026nvdBroken Link
News mentions
0No linked articles in our index yet.