Lucene search

MitreCVE-2007-2525

HistoryMay 08, 2007 - 11:19 p.m.

CVE-2007-2525

2007-05-0823:19:00

mitre

web.nvd.nist.gov

cve-2007-2525

memory leak

pppoe

linux kernel

denial of service

nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

28.2%

JSON

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

Affected configurations

Nvd

Node

linuxlinux_kernelRange≤2.6.21git7

VendorProductVersionCPE
linuxlinux_kernelcpe:/o:linux:linux_kernel::git7::

Vendor	Product	Version	CPE
linux	linux_kernel		cpe:/o:linux:linux_kernel::git7::

References

kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log

rhn.redhat.com/errata/RHSA-2007-0488.html

secunia.com/advisories/25163

secunia.com/advisories/25700

secunia.com/advisories/25838

secunia.com/advisories/26133

secunia.com/advisories/26139

secunia.com/advisories/26289

secunia.com/advisories/26450

secunia.com/advisories/26620

secunia.com/advisories/26664

secunia.com/advisories/27227

secunia.com/advisories/29058

support.avaya.com/elmodocs2/security/ASA-2007-287.htm

www.debian.org/security/2007/dsa-1356

www.debian.org/security/2008/dsa-1503

www.debian.org/security/2008/dsa-1504

www.mandriva.com/security/advisories?name=MDKSA-2007:171

www.mandriva.com/security/advisories?name=MDKSA-2007:196

www.mandriva.com/security/advisories?name=MDKSA-2007:216

www.novell.com/linux/security/advisories/2007_51_kernel.html

www.novell.com/linux/security/advisories/2007_53_kernel.html

www.securityfocus.com/bid/23870

www.ubuntu.com/usn/usn-486-1

www.ubuntu.com/usn/usn-489-1

www.ubuntu.com/usn/usn-510-1

www.vupen.com/english/advisories/2007/1703

exchange.xforce.ibmcloud.com/vulnerabilities/34150

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10594

rhn.redhat.com/errata/RHSA-2007-0376.html

Social References

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

28.2%

JSON

Related for CVE-2007-2525