CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
43.2%
The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | cpe:/o:linux:linux_kernel::rc3:: |
kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.34
secunia.com/advisories/23529
secunia.com/advisories/23609
secunia.com/advisories/23752
secunia.com/advisories/24098
secunia.com/advisories/24100
secunia.com/advisories/24547
secunia.com/advisories/25226
secunia.com/advisories/25683
secunia.com/advisories/25691
www.kernel.org/git/?p=linux/kernel/git/wtarreau/linux-2.4.git%3Ba=commitdiff%3Bh=05dca9b77f99d80cf615075624666106d5b61727
www.mandriva.com/security/advisories?name=MDKSA-2007:012
www.mandriva.com/security/advisories?name=MDKSA-2007:025
www.mandriva.com/security/advisories?name=MDKSA-2007:040
www.novell.com/linux/security/advisories/2007_18_kernel.html
www.novell.com/linux/security/advisories/2007_21_kernel.html
www.novell.com/linux/security/advisories/2007_30_kernel.html
www.novell.com/linux/security/advisories/2007_35_kernel.html
www.securityfocus.com/archive/1/471457
www.securityfocus.com/bid/21835
www.securityfocus.com/bid/21883
www.trustix.org/errata/2007/0002/
www.ubuntu.com/usn/usn-416-1