CVE-2023-52557
7.5HIGHIn OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
Publicado: 3/1/2024Actualizado: 10/10/2025
Descripción
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
Análisis IAImpulsado por IA
Productos Afectados
openbsdopenbsd
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3
Referencias
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/016_npppd.patch.sigPatch
- https://github.com/openbsd/src/commit/abf3a29384c582c807a621e7fc6e7c68d0cafe9bPatch
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/016_npppd.patch.sigPatch
- https://github.com/openbsd/src/commit/abf3a29384c582c807a621e7fc6e7c68d0cafe9bPatch