CVE-2007-2525 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2525
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2525

Description: Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34150 UBUNTU http://www.ubuntu.com/usn/usn-510-1 http://www.ubuntu.com/usn/usn-489-1 http://www.ubuntu.com/usn/usn-486-1 SUSE http://www.novell.com/linux/security/advisories/2007_51_kernel.html http://www.novell.com/linux/security/advisories/2007_53_kernel.html SAID Secunia Advisory: SA26139 Secunia Advisory: SA26133 Secunia Advisory: SA25838 Secunia Advisory: SA25700 Secunia Advisory: SA25163 Secunia Advisory: SA26289 Secunia Advisory: SA26450 Secunia Advisory: SA26620 Secunia Advisory: SA26664 Secunia Advisory: SA27227 Secunia Advisory: SA29058 REDHAT http://rhn.redhat.com/errata/RHSA-2007-0488.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 http://www.mandriva.com/security/advisories?name=MDKSA-2007:196 http://www.mandriva.com/security/advisories?name=MDKSA-2007:216 DEBIAN http://www.debian.org/security/2008/dsa-1503 http://www.debian.org/security/2008/dsa-1504 http://www.debian.org/security/2007/dsa-1356 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log BID 23870

Return to the previous page.