VDB
CVE-2007-2525
CVE-2007-2525
PUBLISHED
CVSS 4.900000095367432 MEDIUM
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.
EPSS 0.11% · 29.6th percentile
Risk Scores
CVSS 2.0
4.900000095367432
EPSS Score
0.11%
29.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| linux | linux_kernel | 0 |
Timeline
- May 8, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
References
- http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log url
- ADV-2007-1703 vdb
- 27227 third-party-advisory
- 26664 third-party-advisory
- SUSE-SA:2007:051 vendor-advisory
- SUSE-SA:2007:053 vendor-advisory
- 26289 third-party-advisory
- 23870 vdb
- oval:org.mitre.oval:def:10594 vdb
- 25838 third-party-advisory
- MDKSA-2007:171 vendor-advisory
- USN-510-1 vendor-advisory
- DSA-1504 vendor-advisory
- DSA-1356 vendor-advisory
- MDKSA-2007:216 vendor-advisory
- 26620 third-party-advisory
- USN-489-1 vendor-advisory
- kernel-pppoe-dos(34150) vdb
- MDKSA-2007:196 vendor-advisory
- 25163 third-party-advisory
…and 11 more