|Date: (C)2010-01-12 (M)2017-11-18|| |
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 126.96.36.199 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.
|CVSS Score: 7.8||Access Vector: NETWORK|
|Exploit Score: 10.0||Access Complexity: LOW|
|Impact Score: 6.9||Authentication: NONE|
| ||Confidentiality: NONE|
| ||Integrity: NONE|
| ||Availability: COMPLETE|