[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-2525Date: (C)2007-05-08   (M)2023-12-22


Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.9
Exploit Score: 3.9
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
BID-23870
SECUNIA-25163
SECUNIA-25700
SECUNIA-25838
SECUNIA-26133
SECUNIA-26139
SECUNIA-26289
SECUNIA-26450
SECUNIA-26620
SECUNIA-26664
SECUNIA-27227
SECUNIA-29058
ADV-2007-1703
DSA-1356
DSA-1503
DSA-1504
MDKSA-2007:171
MDKSA-2007:196
MDKSA-2007:216
RHSA-2007:0376
RHSA-2007:0488
SUSE-SA:2007:051
SUSE-SA:2007:053
USN-486-1
USN-489-1
USN-510-1
http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log
http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
kernel-pppoe-dos(34150)
oval:org.mitre.oval:def:10594

OVAL    2
oval:org.mitre.oval:def:8130
oval:org.mitre.oval:def:8063

© SecPod Technologies