134 matches found
EUVD-2023-25849
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-39847
In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in padcompressskb If allocskb fails in padcompressskb, it returns NULL without releasing the old skb. The caller does: skb = padcompressskbppp, skb; if !skb goto drop; drop: kfreeskbskb; When padcompressskb...
ppp: fix race conditions in ppp_fill_forward_path
...
Linux Distros Unpatched Vulnerability : CVE-2025-39673
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ppp: fix race conditions in pppfillforwardpath pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and...
EulerOS 2.0 SP11 : ppp (EulerOS-SA-2025-1939)
According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description block directly...
EulerOS 2.0 SP11 : ppp (EulerOS-SA-2025-1965)
According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description block directly...
PT-2025-32782 · Unknown +1 · Ppp Eap-Tls +1
Name of the Vulnerable Software and Affected Versions: Remote Access Point-to-Point Protocol PPP EAP-TLS affected versions not specified Description: A use after free issue exists in Remote Access Point-to-Point Protocol PPP EAP-TLS. This allows a locally authorized attacker to elevate privileges...
CVE-2001-1565
Point to Point Protocol daemon pppd in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command...
ROS-2-643
2.643 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...
DEBIAN-CVE-2025-37749
In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When...
UBUNTU-CVE-2025-21922
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
The vulnerability of the ppp_read() and ppp_write() functions (drivers/net/ppp/ppp_generic.c) in the Linux operating system’s PPP kernel driver allows a hacker to cause a service failure.
The vulnerability of the pppread and pppwrite functions drivers/net/ppp/pppgeneric.c in the Linux kernel-based PPP driver is related to insufficient input data validation. Exploiting this vulnerability could allow an attacker to cause a service failure...
ppp: do not assume bh is held in ppp_channel_bridge_input()
...
kernel: ppp_async: limit MRU to 64K
In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...
ppp: fix ppp_async_encode() illegal access
...
AZL-51111 CVE-2024-50035 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
DEBIAN-CVE-2024-49946
In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in pppchannelbridgeinput Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the...
kernel: ppp: reject claimed-as-LCP but actually malformed packets
The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...
kernel: ppp: reject claimed-as-LCP but actually malformed packets
The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...
UBUNTU-CVE-2024-26675
In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...