CVE-2008-2750

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.26-rc6

Description The issue allows remote attackers to cause a denial of service, resulting in kernel heap memory corruption and system crash, via a crafted PPPOL2TP packet. This packet causes a large value for a certain length variable in the pppol2tp recvmsg function.

Recommendations For Linux kernel versions prior to 2.6.26-rc6, update to version 2.6.26-rc6 or later to resolve the issue. As a temporary workaround, consider restricting access to the pppol2tp recvmsg function in drivers/net/pppol2tp.c to minimize the risk of exploitation.