CVE-2026-53075

A flaw was found in the Linux kernel's Point-to-Point Protocol PPP subsystem. A local unprivileged user can exploit this vulnerability by creating a new user namespace and bypassing authorization checks for unattached administrative input/output controls ioctls. This allows the user to perform...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In pptp: ensure that the minimum skb length is properly set in pptpxmit. - Commit aabc6596ffb3 “net: ppp: Add bound checking for skb data in pppsynctxmung” fixed pppsynctxmunge. We need a similar fix in pptpxmit; otherwise, ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: pppasync: Limited MRU to 64K. The syzbot triggered a warning 1 in allocpages: WARNONONCEGFP order MAXPAGEORDER, gfp. Willem fixed a similar issue in the commit c0a2a1b0d631 “ppp: limited MRU to 64K”. Apply the same sanity chec...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable – incorrect pppoe tuple PPPoE traffic that reaches the ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in th...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ppp: Associating skb with a device at tx. Syzkaller triggered a flow dissector warning with the following code: c r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e,...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM A

Question Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin CVE-2016-2106, CVE-2016-2109, CVE-2016-2176 "Business...

CVE-2026-11409 OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...

SUSE CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

CVE-2026-46306

A flaw was found in the Linux kernel's flow dissector. This vulnerability allows a remote attacker to cause a Denial of Service DoS by sending a specially crafted Point-to-Point Protocol over Ethernet PPPoE Protocol Field Compression PFC frame to an affected system. The incorrect processing of...

CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

UBUNTU-CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

CVE-2026-45842

A flaw was found in the Linux kernel's SLIP Serial Line Internet Protocol and PPP Point-to-Point Protocol components. An unprivileged local user can exploit this vulnerability by manipulating the PPPIOCSMAXCID ioctl to configure the SLIP Compressed Header SLHC state incorrectly. This...

UBUNTU-CVE-2026-45842

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

CVE-2026-45842

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

CVE-2026-45842

The CVE-2026-45842 issue affects the Linux kernel’s SLIP/Slip+PPP path. When rslots == 0 (no receive compression), comp->rstate remains NULL and rslot_limit becomes 0, but the receive helpers do not guard against this. As a result, slhc_uncompress() can dereference comp->rstate[x] and slhc_...

CVE-2026-6644 A command injection vulnerability was found in the PPTP VPN Clients on the ADM

A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...

CVE-2026-6644

The CVE-2026-6644 entry describes a command-injection vulnerability in ADM PPTP VPN Clients that allows an administrative user to escape the restricted web environment and execute arbitrary OS commands, enabling Remote Code Execution and full system compromise. Affected are ADM versions 4.1.0–4.3...

ROS-20260407-73-0024

A vulnerability in the Linux operating system kernel ppp driver is related to simultaneous execution using a shared resource with improper synchronization. Exploitation of the vulnerability allows an attacker to cause a denial of service...

(Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of firewall rules. The issue results from failing to...

ROS-20260324-73-0007

A vulnerability in the pptp component of the Linux operating system kernel is related to errors in variable initialization. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...