CVE-2024-41044

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-41044
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-41044.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-41044
Downstream
Related
Published
2024-07-29T15:15:12Z
Modified
2025-08-09T20:01:26Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ppp: reject claimed-as-LCP but actually malformed packets

Since 'pppasyncencode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'pppcheckpacket()' to ensure that LCP packet has an actual body beyond PPP_LCP header bytes, and reject claimed-as-LCP but actually malformed data otherwise.

References

Affected packages