hubertf's NetBSD Blog
Send interesting links to hubert at feyrer dot de!
 
[20080826] PPPoE Security Advisory
NetBSD's NetBSD-SA2008-010 security advisory describes a vulnerability where a malicious PPPoE discovery packet can overrun a kernel buffer: ``A bug in range checking allows a malicious packet to make the kernel access memory outside of the allocated buffer and cause a kernel crash. It is currently unclear if this issue could be exploited any further than denial of service.''

See the Security Advisory for more technical details as well as how to fix your kernel.

[Tags: , ]


Disclaimer: All opinion expressed here is purely my own. No responsibility is taken for anything.

Access count: 34976395
Copyright (c) Hubert Feyrer