CVE-2007-2525

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

🔗 References (60)

• cve@mitrehttp://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log
• cve@mitrehttp://rhn.redhat.com/errata/RHSA-2007-0488.html
• cve@mitrehttp://secunia.com/advisories/25163
• cve@mitrehttp://secunia.com/advisories/25700
• cve@mitrehttp://secunia.com/advisories/25838
• cve@mitrehttp://secunia.com/advisories/26133
• cve@mitrehttp://secunia.com/advisories/26139
• cve@mitrehttp://secunia.com/advisories/26289
• cve@mitrehttp://secunia.com/advisories/26450
• cve@mitrehttp://secunia.com/advisories/26620
• cve@mitrehttp://secunia.com/advisories/26664
• cve@mitrehttp://secunia.com/advisories/27227
• cve@mitrehttp://secunia.com/advisories/29058
• cve@mitrehttp://support.avaya.com/elmodocs2/security/ASA-2007-287.htm
• cve@mitrehttp://www.debian.org/security/2007/dsa-1356