blob: a89e59e1f1d1189a9859fd4973d8162abaa055fe (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Candidate: CVE-2008-2750
Description:
The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux
kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial
of service (kernel heap memory corruption and system crash) and possibly
have unspecified other impact via a crafted PPPOL2TP packet that results
in a large value for a certain length variable.
References:
Ubuntu-Description:
Notes:
kees> linux-2.6: 6b6707a50c7598a83820077393f8823ab791abf8
Bugs:
upstream: released (2.6.26-rc6)
linux-2.6: released (2.6.26-1)
2.6.18-etch-security: N/A "code added after 2.6.18"
2.6.24-etch-security: released (2.6.24-6~etchnhalf.4) "bugfix/l2tp-pppol2tp_recvmsg-corruption.patch"
2.6.26-lenny-security: N/A
2.6.15-dapper-security: N/A
2.6.20-feisty-security: N/A
2.6.22-gutsy-security: N/A
2.6.24-hardy-security: released (2.6.24-19.36)
|