Linux Kernel "pppol2tp_recvmsg()" Memory Corruption Vulnerability

Posted June 16th, 2008 by Fusili

Description:
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a boundary error in the "pppol2tp_recvmsg()" function and can potentially be exploited to corrupt kernel memory via a specially crafted PPP over L2TP packet.

The vulnerability is reported in 2.6.x versions prior to 2.6.26-rc6.

Solution:
Use PPP over L2TP in trusted networks only.

Fixed in version 2.6.26-rc6.

Navigation

User login

Consulting Fair is a free online job board for freelance workers. Check them out! There's no cost to register, post your profile, bid on jobs or post jobs. Absolutely zero cost!

Recent blog posts

Arch Linux 2008.06(Overlord) Released!
Hello everyone. Glad to be here.
Something is afoot at the Circle-K
Is the Open Source Community too rude or abrasive to outsiders?
Back
A new start
New logo!
GNOME/openSUSE meeting
[Info-gplv3] Compliance Lab IRC Meeting October 24, 2007
Open Addict banners and forum signature graphics

Linux Kernel "pppol2tp_recvmsg()" Memory Corruption Vulnerability

Navigation

User login

Recent blog posts

Poll

Who's online

Linux.com

Distrowatch

KDE News

Slashdot :: Linux

FreeBSD.org News Flash

The GNOME Journal

IBM Developerworks :: Linux

Syndicate