CVE-2010-2495 (retired)

Priority
Description
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP
implementation in the Linux kernel before 2.6.34 does not properly validate
certain values associated with an interface, which allows attackers to
cause a denial of service (NULL pointer dereference and OOPS) or possibly
have unspecified other impact via vectors related to a routing change.
Ubuntu-Description
James Chapman discovered that L2TP did not correctly evaluate checksum
capabilities. If an attacker could make malicious routing changes, they
could crash the system, leading to a denial of service.
Assigned-to
bradf
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:52:17 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)