- Vulnerability/
- USN-3810-1
USN-3810-1: ppp vulnerability
First published: Tue Nov 06 2018(Updated: )
Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/ppp | <2.4.7-2+2ubuntu1.1 | 2.4.7-2+2ubuntu1.1 |
| =18.04 | ||
| All of | ||
| ubuntu/ppp | <2.4.7-1+2ubuntu1.16.04.1 | 2.4.7-1+2ubuntu1.16.04.1 |
| =16.04 | ||
| All of | ||
| ubuntu/ppp | <2.4.5-5.1ubuntu2.3 | 2.4.5-5.1ubuntu2.3 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of USN-3810-1?
The severity of USN-3810-1 is high.
How does the ppp vulnerability affect Ubuntu 18.04?
The ppp vulnerability affects Ubuntu 18.04 and can cause ppp to crash or possibly bypass authentication.
How does the ppp vulnerability affect Ubuntu 16.04?
The ppp vulnerability affects Ubuntu 16.04 and can cause ppp to crash or possibly bypass authentication.
How does the ppp vulnerability affect Ubuntu 14.04?
The ppp vulnerability affects Ubuntu 14.04 and can cause ppp to crash or possibly bypass authentication.
How do I fix the ppp vulnerability?
To fix the ppp vulnerability, update to version 2.4.7-2+2ubuntu1.1 for Ubuntu 18.04, version 2.4.7-1+2ubuntu1.16.04.1 for Ubuntu 16.04, or version 2.4.5-5.1ubuntu2.3 for Ubuntu 14.04.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04