CVE-2010-2495

Priority
Medium
Description
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP
implementation in the Linux kernel before 2.6.34 does not properly validate
certain values associated with an interface, which allows attackers to
cause a denial of service (NULL pointer dereference and OOPS) or possibly
have unspecified other impact via vectors related to a routing change.
Ubuntu-Description
James Chapman discovered that L2TP did not correctly evaluate checksum
capabilities. If an attacker could make malicious routing changes, they
could crash the system, leading to a denial of service.
References
Assigned-to
bradf
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.34)
Patches:
upstream:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5
Karmic:http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-2495/patches/karmic/linux/0001-l2tp-Fix-oops-in-pppol2tp_xmit.txt
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:44 UTC (commit 9756)