CVE-2007-2525 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-2525 PUBLISHED CVSS 4.900000095367432 MEDIUM

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

EPSS 0.11% · 30.0th percentile

Risk Scores

CVSS v2.0

4.900000095367432

EPSS Score

0.11%

30.0th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*
linux	linux_kernel	0

Timeline

May 8, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

http://kernel.org/pub/linux/kernel/v2.6/snapshots/patch-2.6.21-git8.log url
ADV-2007-1703 vdb
27227 third-party-advisory
26664 third-party-advisory
SUSE-SA:2007:051 vendor-advisory
SUSE-SA:2007:053 vendor-advisory
26289 third-party-advisory
23870 vdb
oval:org.mitre.oval:def:10594 vdb
25838 third-party-advisory
MDKSA-2007:171 vendor-advisory
USN-510-1 vendor-advisory
DSA-1504 vendor-advisory
DSA-1356 vendor-advisory
MDKSA-2007:216 vendor-advisory
26620 third-party-advisory
USN-489-1 vendor-advisory
kernel-pppoe-dos(34150) vdb
MDKSA-2007:196 vendor-advisory
25163 third-party-advisory

…and 11 more

Open in Interactive Console →