USN-4451-1: ppp vulnerability
4 August 2020
ppp could be made to load arbitrary kernel modules and possibly run programs.
- ppp - Point-to-Point Protocol (PPP)
Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative,
discovered that ppp incorrectly handled module loading. A local attacker
could use this issue to load arbitrary kernel modules and possibly execute
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.
- USN-4451-2: ppp-dev, ppp-udeb, ppp