CVE-2014-3158 — Improper Restriction of Operations within the Bounds of a Memory Buffer in PPP

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190 — Integer Overflow or Wraparound8 documents7 sources

Severity

7.5HIGHNVD

EPSS

1.5%

top 18.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Samba PPP Debian PPP Point-to-point Protocol Project Point-to-point Protocol

Timeline

PublishedNov 15

Latest updateMay 13

Description

Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] security-relevant variables."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/ppp< ppp 2.4.6-3 (bookworm)

▶Debiansamba/ppp< 2.4.6-3+3

▶NVDpoint-to-point_protocol_project/point-to-point_protocol2.4.6

🔴Vulnerability Details

GHSA

GHSA-4rmp-xhjh-jrfr: Integer overflow in the getword function in options↗2022-05-13

▶

OSV

CVE-2014-3158: Integer overflow in the getword function in options↗2014-11-15

▶

📋Vendor Advisories

Ubuntu

ppp vulnerability↗2014-12-01

▶

Red Hat

ppp: integer overflow in option parsing↗2014-08-10

▶

Debian

CVE-2014-3158: ppp - Integer overflow in the getword function in options.c in pppd in Paul's PPP Pack...↗2014

▶

💬Community

Bugzilla

CVE-2014-3158 ppp: integer overflow in option parsing↗2014-08-11

▶

Bugzilla

CVE-2014-3158 ppp: potential security vulnerability [fedora-all]↗2014-08-11

▶