Linux Kernel PPP Subsystem Out-of-Bounds Read Vulnerability

Vulnerability

A vulnerability in the Linux kernel's PPP (Point-to-Point Protocol) subsystem can lead to out-of-bounds read errors. This issue arises in the 'ppp_sync_txmung' function, where incoming packets with empty payloads can be processed without proper bounds checking. As a result, the function may access invalid memory regions, potentially leading to memory corruption or information disclosure.

Impact

Exploitation of this vulnerability can cause out-of-bounds read errors, which may lead to memory corruption or information disclosure.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PPP Subsystem Out-of-Bounds Read Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating