CVE

CVE-2006-5749

Date: (C)2006-12-31   (M)2023-12-22

The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 1.7
Exploit Score: 3.1
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

2007-0002

http://www.securityfocus.com/archive/1/471457

BID-21835

BID-21883

SECUNIA-23529

SECUNIA-23609

SECUNIA-23752

SECUNIA-24098

SECUNIA-24100

SECUNIA-24547

SECUNIA-25226

SECUNIA-25683

SECUNIA-25691

MDKSA-2007:012

MDKSA-2007:025

MDKSA-2007:040

SUSE-SA:2007:018

SUSE-SA:2007:021

SUSE-SA:2007:030

SUSE-SA:2007:035

USN-416-1

http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34

http://www.kernel.org/git/?p=linux/kernel/git/wtarreau/linux-2.4.git%3Ba=commitdiff%3Bh=05dca9b77f99d80cf615075624666106d5b61727