Critical severity9.8OSV Advisory· Published Jun 14, 2018· Updated Jun 17, 2026
CVE-2018-11574
CVE-2018-11574
Description
Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the refuse-app option are unaffected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: ppp-2.0.4, ppp-2.1.1, ppp-2.1.2, …
Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2018/06/11/1nvdMailing ListPatchThird Party Advisory
- usn.ubuntu.com/3810-1/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.