CVE-2010-2495

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 2.6.34

Description The issue is related to the L2TP implementation in the Linux kernel, specifically the pppol2tp xmit function in drivers/net/pppol2tp.c. It does not properly validate certain values associated with an interface. This can be exploited by attackers to cause a denial of service, resulting in a NULL pointer dereference and OOPS, or possibly have other unspecified impacts. The attack vectors are related to a routing change.

Recommendations For Linux kernel versions prior to 2.6.34, update to version 2.6.34 or later to resolve the issue.