CVE-2024-41044

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-41044
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41044.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-41044
Downstream
Related
Published
2024-07-29T14:32:02.126Z
Modified
2026-03-13T07:57:16.001843Z
Summary
ppp: reject claimed-as-LCP but actually malformed packets
Details

In the Linux kernel, the following vulnerability has been resolved:

ppp: reject claimed-as-LCP but actually malformed packets

Since 'pppasyncencode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'pppcheckpacket()' to ensure that LCP packet has an actual body beyond PPP_LCP header bytes, and reject claimed-as-LCP but actually malformed data otherwise.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41044.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
97d1efd8be26615ff680cdde86937d5943138f37
Fixed
6e8f1c21174f9482033bbb59f13ce1a8cbe843c3
Fixed
3ba12c2afd933fc1bf800f6d3f6c7ec8f602ce56
Fixed
ebc5c630457783d17d0c438b0ad70b232a64a82f
Fixed
3134bdf7356ed952dcecb480861d2afcc1e40492
Fixed
099502ca410922b56353ccef2749bc0de669da78
Fixed
d683e7f3fc48f59576af34631b4fb07fd931343e
Fixed
f2aeb7306a898e1cbd03963d376f4b6656ca2b55

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41044.json"