4 matches found
CVE-2024-50035
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
CVE-2024-50035
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
CVE-2024-50035 ppp: fix ppp_async_encode() illegal access
In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...
CVE-2024-50035
CVE-2024-50035 affects the Linux kernel PPP path, specifically a fault in ppp_async_encode() that can be triggered by a zero-size pppoe_sendmsg() followed by an empty skb, leading to a possible uninitialized access (KMSAN) in drivers/net/ppp/ppp_async.c. The issue was fixed in upstream Linux comm...