Candidate: CVE-2009-4537
Description: regression in r8169 driver
References:
 http://www.openwall.com/lists/oss-security/2009/12/31/1
 http://marc.info/?t=126202986900002&r=1&w=2
Notes:
 The patch for this issue is partial, in the sense that any deviation from
 the default settings opens the hole right back up. Ben Hutchings has
 volunteered to work on a comprehensive fix if someone provides him the
 hardware. See: http://lkml.org/lkml/2010/3/29/448
Bugs:
upstream: released (2.6.34-rc3) [c0cd884a]
2.6.32-upstream-stable: released (2.6.32.12)
linux-2.6: released (2.6.32-11) [bugfix/all/net-r8169-improved-rx-length-check-errors.patch]
2.6.26-lenny-security: released (2.6.26-22lenny1) [bugfix/all/net-r8169-improved-rx-length-check-errors.patch, bugfix/all/r8169-offical-fix-for-cve-2009-4537-overlength-frame-dmas.patch]
2.6.32-squeeze-security: released (2.6.32-11) [bugfix/all/net-r8169-improved-rx-length-check-errors.patch]