Linux Kernel PPP Server Denial Of Service Vulnerability

Secunia Advisory: SA14570

Ben Martel and Stephen Blackheath have reported a vulnerability in the Linux kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the LCP (Link Control Protocol) parsing in the “ppp_async.c” driver and can be exploited by pppd clients to cause the server to hang.

Release Date: 2005-03-16
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
OS: Linux Kernel 2.6.x

Solution: Update to version 2.6.11.4.
http://kernel.org/

[Secunia Advisory: SA14570]