CVE-2024-41044

ppp: reject claimed-as-LCP but actually malformed packets

Severity Score

4.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

ppp: reject claimed-as-LCP but actually malformed packets

Since 'ppp_async_encode()' assumes valid LCP packets (with code
from 1 to 7 inclusive), add 'ppp_check_packet()' to ensure that
LCP packet has an actual body beyond PPP_LCP header bytes, and
reject claimed-as-LCP but actually malformed data otherwise.

*Credits: N/A

CVSS Scores

Red Hatv3.1 4.9

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-07-12 CVE Reserved
2024-07-29 CVE Published
2024-07-30 EPSS Updated
2024-11-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (11)

URL	Tag	Source
https://git.kernel.org/stable/c/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/97d1efd8be26615ff680cdde86937d5943138f37	2024-07-18
https://git.kernel.org/stable/c/6e8f1c21174f9482033bbb59f13ce1a8cbe843c3	2024-07-18
https://git.kernel.org/stable/c/3ba12c2afd933fc1bf800f6d3f6c7ec8f602ce56	2024-07-18
https://git.kernel.org/stable/c/ebc5c630457783d17d0c438b0ad70b232a64a82f	2024-07-18
https://git.kernel.org/stable/c/3134bdf7356ed952dcecb480861d2afcc1e40492	2024-07-18
https://git.kernel.org/stable/c/099502ca410922b56353ccef2749bc0de669da78	2024-07-18
https://git.kernel.org/stable/c/d683e7f3fc48f59576af34631b4fb07fd931343e	2024-07-18
https://git.kernel.org/stable/c/f2aeb7306a898e1cbd03963d376f4b6656ca2b55	2024-07-11

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-41044	2024-09-24
https://bugzilla.redhat.com/show_bug.cgi?id=2300414	2024-09-24

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 4.19.318 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 4.19.318"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.4.280 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.4.280"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.10.222 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.10.222"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 5.15.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 5.15.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.1.100 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.1.100"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.6.41 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.6.41"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.9.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.9.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 6.10"		en		Affected