Azure Linux 3.0 Security Update: ppp (CVE-2022-4603)

🗓️ 22 Jan 2026 00:00:00Reported by TenableType

Azure Linux 3.0 ppp vulnerability CVE-2022-4603 due to dumpppp index validation; patch recommended.

Reporter	Title	Published	Views	Family All 74
ATTACKERKB	CVE-2022-4603	18 Dec 202211:15	–	attackerkb
AlpineLinux	CVE-2022-4603	18 Dec 202200:00	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в ppp	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability of the dumpppp function in the pppdump/pppdump.c component of the Point-to-Point Ppp protocol allows a hacker to gain access to confidential data, compromise its integrity, and cause service failure.	21 Aug 202300:00	–	bdu_fstec
CBLMariner	CVE-2022-4603 affecting package ppp 2.4.7-36	12 Jan 202509:15	–	cbl_mariner
CBLMariner	CVE-2022-4603 affecting package ppp for versions less than 2.5.0-1	7 Aug 202515:08	–	cbl_mariner
Circl	CVE-2022-4603	31 Mar 202320:15	–	circl
CNNVD	ppp 缓冲区错误漏洞	18 Dec 202200:00	–	cnnvd
CVE	CVE-2022-4603	18 Dec 202200:00	–	cve
Cvelist	CVE-2022-4603 ppp pppdump pppdump.c dumpppp array index	18 Dec 202200:00	–	cvelist

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-4603
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(295467);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/22");

  script_cve_id("CVE-2022-4603");

  script_name(english:"Azure Linux 3.0 Security Update: ppp (CVE-2022-4603)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Azure Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of ppp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected
by a vulnerability as referenced in the CVE-2022-4603 advisory.

  - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the
    file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads
    to improper validation of array index. The real existence of this vulnerability is still doubted at the
    moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a
    patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not
    used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked
    automatically in any scenario. (CVE-2022-4603)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2022-4603");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-4603");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:ppp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:ppp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:ppp-devel");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:azure_linux");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Azure Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AzureLinux/release", "Host/AzureLinux/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/AzureLinux/release');
if (isnull(release) || 'Azure Linux' >!< release) audit(AUDIT_OS_NOT, 'Azure Linux');
var os_ver = pregmatch(pattern: "Azure Linux ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Azure Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Azure Linux 3.0', 'Azure Linux ' + os_ver);

if (!get_kb_item('Host/AzureLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Azure Linux', cpu);

var pkgs = [
    {'reference':'ppp-2.5.0-1.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ppp-2.5.0-1.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ppp-debuginfo-2.5.0-1.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ppp-debuginfo-2.5.0-1.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ppp-devel-2.5.0-1.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'ppp-devel-2.5.0-1.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  var cves = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'Azure Linux ' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ppp / ppp-debuginfo / ppp-devel');
}

22 Jan 2026 00:00Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.14.3 - 6.5

EPSS0.00156