Unrated severityNVD Advisory· Published Mar 16, 2022· Updated Sep 17, 2024

Buffer Overflow via crafted client request in Accel-PPP v1.12

CVE-2022-0982

Description

The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

Affected products

accel-ppp/accel-pppllm-create
https://accel-ppp.org//Accel-PPPv5
Range: 1.12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/xebd/accel-ppp/issues/164mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000