CVE-2009-2844 : cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other version

cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability.

Published 2009-08-18 21:00:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2009-2844

Linux » Linux Kernel » Update -rc5
Versions up to, including, (<=) 2.6.16.31
cpe:2.3:o:linux:linux_kernel:*:-rc5:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.7
cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.8
cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.5
cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.6
cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.1
cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.2
cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.3
cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.4
cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.11
cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.4
cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.3
cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.3
cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.2
cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.5
cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.5
cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.4
cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.2
cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13.1
cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.1
cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12
cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.12
cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.13
cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.12.6
cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.9
cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11.10
cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.4
cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.2
cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.5
cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.3
cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.1
cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.6
cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14
cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.14.7
cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15
cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.5
cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.2
cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.3
cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.4
cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.1
cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16
cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.7
cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.15.6
cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.1
cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.3
cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.2
cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.12
cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.13
cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.14
cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.15
cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.10
cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.11
cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.16
cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.20
cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.19
cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.17
cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.18
cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.22
cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.21
cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.23
cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.30
cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.31
cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.26
cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.27
cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.29
cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.24
cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.25
cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.28
cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6
cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.31 Update -rc4
cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.31 Update -rc2
cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.31 Update -rc1
cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.16.31 Update -rc3
cpe:2.3:o:linux:linux_kernel:2.6.16.31:-rc3:*:*:*:*:*:*
Matching versions
Linux » Kernel » Version: 2.6.24.7
cpe:2.3:a:linux:kernel:2.6.24.7:*:*:*:*:*:*:*
Matching versions
Linux » Kernel » Version: 2.6.25.15
cpe:2.3:a:linux:kernel:2.6.25.15:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2009-2844

Top countries where our scanners detected CVE-2009-2844

Top open port discovered on systems with this issue 80

IPs affected by CVE-2009-2844 112,906

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2009-2844!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2009-2844

EPSS FAQ

1.50%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 79 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-2844

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

CWE ids for CVE-2009-2844

CWE-399

Assigned by: nvd@nist.gov (Primary)

Vendor statements for CVE-2009-2844

Red Hat 2009-08-19

Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG. Please note this issue only affected Linux kernel versions after v2.6.30-rc1 and was fixed in v2.6.31-rc6.

References for CVE-2009-2844

Jump to