CVE-2010-2495
published 2010-09-08CVE-2010-2495: The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values…
critical10CVSS 3.1
AVNACLAuNCCICAC
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| linux | linux_kernel | < 2.6.34 | 2.6.34 |
| suse | suse_linux_enterprise_desktop | — | — |
| suse | suse_linux_enterprise_high_availability_extension | — | — |
| suse | suse_linux_enterprise_server | — | — |