USN-4451-2: ppp vulnerability
6 August 2020
ppp could be made to load arbitrary kernel modules and possibly run programs.
- ppp - Point-to-Point Protocol (PPP)
USN-4451-1 fixed a vulnerability in ppp. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative,
discovered that ppp incorrectly handled module loading. A local attacker
could use this issue to load arbitrary kernel modules and possibly execute
- USN-4451-1: ppp-dev, ppp, ppp-udeb