Strix
26.1K

CVE-2009-2187

UnknownEPSS 0.48%

Last modified

CVE-2009-2187 is a vulnerability of currently unknown severity. Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.. EPSS estimates a 0.48% chance of exploitation in the next 30 days.

Description

Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.

Metrics

EPSS Probability
0.48%

37.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SunOpensolarissnv_67
SunOpensolarissnv_68
SunOpensolarissnv_69
SunOpensolarissnv_70
SunOpensolarissnv_71
SunOpensolarissnv_72
SunOpensolarissnv_73
SunOpensolarissnv_74
SunOpensolarissnv_75
SunOpensolarissnv_76
SunOpensolarissnv_77
SunOpensolarissnv_78
SunOpensolarissnv_79
SunOpensolarissnv_80
SunOpensolarissnv_81
SunOpensolarissnv_82
SunOpensolarissnv_83
SunOpensolarissnv_84
SunOpensolarissnv_85
SunOpensolarissnv_86
SunOpensolarissnv_87
SunOpensolarissnv_88
SunOpensolarissnv_89
SunOpensolarissnv_90
SunOpensolarissnv_91
SunOpensolarissnv_92
SunOpensolarissnv_93
SunSolaris10.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-2187?
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.
How severe is CVE-2009-2187?
Severity scoring for CVE-2009-2187 is pending analysis. The EPSS model estimates a 0.48% probability of exploitation in the next 30 days.
How do I fix CVE-2009-2187?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-2187?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST