Bug 177634 - Kernel: PPPoE Socket "PPPIOCGCHAN" Denial of Service (CVE-2007-2525)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://git.kernel.org/?p=linux/kernel...
Whiteboard: [linux <2.6.16.58] [linux >=2.6.17 <2...
Reported: 2007-05-08 13:56 UTC by Lars Hartmann
Modified: 2009-07-13 15:12 UTC
Description Lars Hartmann 2007-05-08 13:56:49 UTC
Description:
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a memory leak when releasing PPPoE sockets after they are connected, but before the "PPPIOCGCHAN" ioctl is called. This can be exploited to cause a DoS due to memory exhaustion.

The vulnerability is reported in versions prior to 2.6.21-git8. Other versions may also be affected.

Solution:
Update to version 2.6.21-git8.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log

Reproducible: Always
Comment 1 Lars Hartmann 2007-05-15 13:27:07 UTC
maintainers - please provide an updated ebuild
Comment 2 Lars Hartmann 2007-06-07 01:51:21 UTC
maintainers - please advise and bump as necessary
Comment 3 Lars Hartmann 2007-07-04 06:50:05 UTC
fixed in the new version which is in portage
Comment 4 Bjoern Tropf (RETIRED) gentoo-dev 2009-07-13 15:12:17 UTC
CVE-2007-2480:
https://bugs.gentoo.org/show_bug.cgi?id=176940

CVE-2007-2525: (this bug)
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.