CVE-2010-2495
Published: 8 September 2010
The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors related to a routing change.
From the Ubuntu Security Team
James Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Not vulnerable
|
|
| jaunty |
Not vulnerable
|
|
| karmic |
Released
(2.6.31-22.67)
|
|
| lucid |
Not vulnerable
|
|
| maverick |
Not vulnerable
(2.6.35)
|
|
| upstream |
Released
(2.6.34)
|
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=3feec9095d12e311b7d4eb7fe7e5dfa75d4a72a5 karmic: http://chinstrap.ubuntu.com/~bradf/CVEs/CVE-2010-2495/patches/karmic/linux/0001-l2tp-Fix-oops-in-pppol2tp_xmit.txt |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Released
(2.6.31-307.21)
|
|
| lucid |
Released
(2.6.32-309.18)
|
|
| maverick |
Ignored
(end of life)
|
|
| upstream |
Needs triage
|
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Released
(2.6.31-112.30)
|
|
| lucid |
Released
(2.6.31-608.22)
|
|
| maverick |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Does not exist
|
|
| karmic |
Does not exist
|
|
| lucid |
Released
(2.6.35-25.44~lucid1)
|
|
| maverick |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
| hardy |
Does not exist
|
|
| jaunty |
Does not exist
|
|
| karmic |
Does not exist
|
|
| lucid |
Does not exist
|
|
| maverick |
Does not exist
|
|
| upstream |
Needs triage
|
|