CVE-2010-2495

Priority
Medium
Description
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP
implementation in the Linux kernel before 2.6.34 does not properly validate
certain values associated with an interface, which allows attackers to
cause a denial of service (NULL pointer dereference and OOPS) or possibly
have unspecified other impact via vectors related to a routing change.
Ubuntu-Description
James Chapman discovered that L2TP did not correctly evaluate checksum
capabilities. If an attacker could make malicious routing changes, they
could crash the system, leading to a denial of service.
Assigned-to
bradf
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): DNE
Ubuntu 10.04 LTS (Lucid Lynx): released (2.6.31-608.22)
Ubuntu 11.04 (Natty Narwhal): DNE
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): DNE
Ubuntu 10.04 LTS (Lucid Lynx): released (2.6.35-25.44~lucid1)
Ubuntu 11.04 (Natty Narwhal): DNE
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): DNE
Ubuntu 10.04 LTS (Lucid Lynx): DNE
Ubuntu 11.04 (Natty Narwhal): DNE
Package
Upstream: needs-triage
Ubuntu 8.04 LTS (Hardy Heron): DNE
Ubuntu 10.04 LTS (Lucid Lynx): released (2.6.32-309.18)
Ubuntu 11.04 (Natty Narwhal): DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream: released (2.6.34)
Ubuntu 8.04 LTS (Hardy Heron): not-affected
Ubuntu 10.04 LTS (Lucid Lynx): not-affected
Ubuntu 11.04 (Natty Narwhal): not-affected (2.6.35)
Patches:
upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5
Karmic: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-2495/patches/karmic/linux/0001-l2tp-Fix-oops-in-pppol2tp_xmit.txt

Updated: 2012-06-01 15:21:09 UTC (commit 5347)