Linux Kernel e1000 Ethernet Card Driver Buffer Overflow Vulnerability

SecurityFocus.com ^ | May 14, 2004 | SecurityFocus.com

[Bush2000]

Linux Kernel e1000 Ethernet Card Driver Buffer Overflow Vulnerability

Reportedly the Linux kernel e1000 Ethernet card driver is affected by a buffer overflow vulnerability. This issue is due to a failure of the application to validate user input lengths before processing them.

This issue might allow an attacker to corrupt kernel memory space. It might be possible to leverage this issue to execute arbitrary code on the affected system, although this has not been verified.

bugtraq id 10352
object
class Boundary Condition Error
cve CVE-MAP-NOMATCH

remote Unknown
local Yes
published May 14, 2004
updated May 14, 2004
vulnerable
Linux kernel 2.4 .0-test9
Linux kernel 2.4 .0-test8
Linux kernel 2.4 .0-test7
Linux kernel 2.4 .0-test6
Linux kernel 2.4 .0-test5
Linux kernel 2.4 .0-test4
Linux kernel 2.4 .0-test3
Linux kernel 2.4 .0-test2
Linux kernel 2.4 .0-test12
Linux kernel 2.4 .0-test11
Linux kernel 2.4 .0-test10
Linux kernel 2.4 .0-test1
Linux kernel 2.4
Linux kernel 2.4.1
Linux kernel 2.4.2
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 i386
Linux kernel 2.4.3
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.0 ppc
Linux kernel 2.4.4
+ S.u.S.E. Linux 7.2
Linux kernel 2.4.5
+ Slackware Linux 8.0
Linux kernel 2.4.6
Linux kernel 2.4.7
+ RedHat Linux 7.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.2
Linux kernel 2.4.8
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.2
Linux kernel 2.4.9
+ RedHat Enterprise Linux AS 2.1
+ RedHat Enterprise Linux AS 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.2 alpha
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 ia64
+ Sun Linux 5.0
+ Sun Linux 5.0.3
+ Sun Linux 5.0.5
Linux kernel 2.4.10
+ S.u.S.E. Linux 7.3
Linux kernel 2.4.11
Linux kernel 2.4.12
+ Conectiva Linux 7.0
Linux kernel 2.4.13
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1.1
Linux kernel 2.4.14
Linux kernel 2.4.15
Linux kernel 2.4.16
+ Sun Cobalt RaQ 550
Linux kernel 2.4.17
Linux kernel 2.4.18 pre-8
Linux kernel 2.4.18 pre-7
Linux kernel 2.4.18 pre-6
Linux kernel 2.4.18 pre-5
Linux kernel 2.4.18 pre-4
Linux kernel 2.4.18 pre-3
Linux kernel 2.4.18 pre-2
Linux kernel 2.4.18 pre-1
Linux kernel 2.4.18 x86
+ Debian Linux 3.0 ia-32
Linux kernel 2.4.18
+ Astaro Security Linux 2.0 16
+ Astaro Security Linux 2.0 23
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 sparc
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.2
+ RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
+ RedHat Enterprise Linux AS 2.1 IA64
+ RedHat Linux 7.3
+ RedHat Linux 8.0
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.2
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server
+ S.u.S.E. Linux Enterprise Server 7
+ S.u.S.E. Linux Enterprise Server 8
+ S.u.S.E. Linux Firewall on CD
+ S.u.S.E. Linux Office Server
+ S.u.S.E. Linux Openexchange Server
+ S.u.S.E. SuSE eMail Server 3.1
+ S.u.S.E. SuSE eMail Server III
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Workstation 7.0
+ Turbolinux Turbolinux Workstation 8.0
Linux kernel 2.4.19 -pre6
Linux kernel 2.4.19 -pre5
Linux kernel 2.4.19 -pre4
Linux kernel 2.4.19 -pre3
Linux kernel 2.4.19 -pre2
Linux kernel 2.4.19 -pre1
Linux kernel 2.4.19
+ Conectiva Linux 8.0
+ Conectiva Linux Enterprise Edition 1.0
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Linux Mandrake 9.0
+ MandrakeSoft Multi Network Firewall 8.2
+ S.u.S.E. Linux 8.1
+ Slackware Linux -current
Linux kernel 2.4.20
+ CRUX CRUX Linux 1.0
+ Gentoo Linux 1.2
+ RedHat Linux 9.0 i386
+ Slackware Linux 9.0
+ WOLK WOLK 4.4 s
Linux kernel 2.4.21 pre7
Linux kernel 2.4.21 pre4
+ MandrakeSoft Linux Mandrake 9.1
+ MandrakeSoft Linux Mandrake 9.1 ppc
Linux kernel 2.4.21 pre1
Linux kernel 2.4.21
+ Conectiva Linux 9.0
+ MandrakeSoft Linux Mandrake 9.1
+ MandrakeSoft Linux Mandrake 9.1 ppc
+ S.u.S.E. Linux 9.0
+ S.u.S.E. Linux 9.0 x86_64
+ S.u.S.E. Linux Enterprise Server 8
Linux kernel 2.4.22
+ Devil-Linux Devil-Linux 1.0.4
+ Devil-Linux Devil-Linux 1.0.5
+ MandrakeSoft Linux Mandrake 9.2
+ MandrakeSoft Linux Mandrake 9.2 amd64
+ RedHat Fedora Core1
+ Slackware Linux 9.1
Linux kernel 2.4.23 -pre9
Linux kernel 2.4.23 -ow2
Linux kernel 2.4.23
+ Trustix Secure Linux 2.0
Linux kernel 2.4.24 -ow1
Linux kernel 2.4.24
Linux kernel 2.4.25
Linux kernel 2.4.26
Linux kernel 2.4.27 -pre1

not vulnerable Linux kernel 2.4.27 -pre2

[N3WBI3]

http://www.cert.org/advisories/CA-2003-16.html

Yea there is not way Windows would ever have a buffer overflow problem on its NIC...

[inflation]

Them is lies. The truth can only come from those messages originating from microsoft or from those orgs that are paid from the holy coffers of microsoft.

;->

[Bush2000]

The only biggot on this thread is you

It's "bigot", you dolt.

I am content to use windows and Linux, OSS and Closed source... Just because you ignore the problems of your fan boy os does not mean I do..

You're the one trying to change the subject to Windows, fan boy. /SARCASM

So let me ask you do have to be a chicom to see the windows kernel?

Try to stay on topic. It's not that difficult.

[N3WBI3]

Again the CVS vulnerability is found and fixed on the same day..

Boy OSS is having a crappy day showing its source control and code checking procedures.

BTW if I cant be sure if linux is fixed (even though I can see the source) how can I be sure a windows patch actually ever fixes anything??

[Bush2000]

Yea there is not way Windows would ever have a buffer overflow problem on its NIC...

Sheezus, what a dim bulb. RPC ain't the NIC driver.

[inflation]

That isn't an overflow in a driver, that is a security issue with a windows subsystem that, while not directly related to the NIC drivers, uses the network subsystems to do it's work.

For windows NIC driver bugs you may have to search the microsoft knowledge base (for drivers supported by microsoft) or the 3rd party vendors themselves.

[Bush2000]

Again the CVS vulnerability is found and fixed on the same day..

Thank God every CVS server on the planet has been simultaneously upgraded with this patch -- and no single CVS server exists that hasn't upgraded. /SARCASM

[Golden Eagle]

A freaking driver bug causes a kernel meltdown? Must be a benefit of that space age monolithic design, LOL.

[Golden Eagle]

80 freaking different patches for one bug. When you're working for free, there goes the weekend I rekon.

[Bush2000]

"Hey, it's the last Linux bug. I swear. This time!"

[inflation]

Remind me again where the video drivers for W2K and up execute?

[BlazingArizona]

Does Linux causes the heartbreak of psoriasis, too?

[aynrandfreak]

I believe from your past posts that you are a troll. I hope the admin moderator watches your posts, because you seem to be more interested in causing trouble here than having a serious talk about ideas. Before you get into the free speech stuff, this site is Jim Robinson's property, which I respect, and I hope he or the admin moderator eventually sees you for who you are and exercises their right to boot you off of here.

Some of my ideas are very different from many conservatives here, but I had enough respect for what I get out of this site to not start picking fights with several people my first few days posting.

[inflation]

Mr. or Mrs. Admin Moderator, which ever one it may be, Am I being a troll? While my husband says I can be a very hardheaded person at times I fail to see how my posting rises to the level of being a troll. If I am, please accept my appoligize and let me know what I am doing wrong and it will not happen again. I appoligize if I am wasting your time, just let me know.

[inflation]

My comment that you responded to was a comment on a technical point, what in it (or my other comments) did you identify as trollish behavior.

Thank You.

[inflation]

If I may have a few momemnts of your time, what exactly did you find so offensive about my posts that you felt the need to have me removed from this site?

Thanks!

[adam_az]

"Typical change-the-subject-behavior. /SARCASM"

Beats the F out of making a point, being proven wrong, then abandoning a thread.... like you do, Bush Zero-Thousand, charter member of the Microsoft Dope Tokerville Institution, or is it Society, or whatever. ;)

[adam_az]

"Not a good day for OSS bigots."

With you, there are 2 classes of people...

Microsoft using Paladins

OSS Bigots.

Why can't you fathom that there are legions of happy OSS *USERS* out there?

[N3WBI3]

Find one post where anyone ever said this is the last bug which will appear in Linux...

[N3WBI3]

Umm out of 20 Production Boxes I have one CVS server. That CVS server is not using the e1000 chipset.. One bug, one patch, done..