CVE - CVE-2007-2525

CVE-ID
CVE-2007-2525	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:23870 URL:http://www.securityfocus.com/bid/23870 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm DEBIAN:DSA-1356 URL:http://www.debian.org/security/2007/dsa-1356 DEBIAN:DSA-1503 URL:http://www.debian.org/security/2008/dsa-1503 DEBIAN:DSA-1504 URL:http://www.debian.org/security/2008/dsa-1504 MANDRIVA:MDKSA-2007:171 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:171~~ (Obsolete source) MANDRIVA:MDKSA-2007:196 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:196~~ (Obsolete source) MANDRIVA:MDKSA-2007:216 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:216~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:10594 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10594 REDHAT:RHSA-2007:0376 URL:https://rhn.redhat.com/errata/RHSA-2007-0376.html REDHAT:RHSA-2007:0488 URL:http://rhn.redhat.com/errata/RHSA-2007-0488.html SECUNIA:25163 URL:http://secunia.com/advisories/25163 SECUNIA:25700 URL:http://secunia.com/advisories/25700 SECUNIA:25838 URL:http://secunia.com/advisories/25838 SECUNIA:26133 URL:http://secunia.com/advisories/26133 SECUNIA:26139 URL:http://secunia.com/advisories/26139 SECUNIA:26289 URL:http://secunia.com/advisories/26289 SECUNIA:26450 URL:http://secunia.com/advisories/26450 SECUNIA:26620 URL:http://secunia.com/advisories/26620 SECUNIA:26664 URL:http://secunia.com/advisories/26664 SECUNIA:27227 URL:http://secunia.com/advisories/27227 SECUNIA:29058 URL:http://secunia.com/advisories/29058 SUSE:SUSE-SA:2007:051 URL:http://www.novell.com/linux/security/advisories/2007_51_kernel.html SUSE:SUSE-SA:2007:053 URL:http://www.novell.com/linux/security/advisories/2007_53_kernel.html UBUNTU:USN-486-1 URL:http://www.ubuntu.com/usn/usn-486-1 UBUNTU:USN-489-1 URL:http://www.ubuntu.com/usn/usn-489-1 UBUNTU:USN-510-1 URL:http://www.ubuntu.com/usn/usn-510-1 VUPEN:ADV-2007-1703 URL:~~http://www.vupen.com/english/advisories/2007/1703~~ (Obsolete source) XF:kernel-pppoe-dos(34150) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34150
Assigning CNA
MITRE Corporation
Date Record Created
20070508	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070508)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)