VYPR
Unrated severityNVD Advisory· Published Jul 29, 2024· Updated Nov 3, 2025

ppp: reject claimed-as-LCP but actually malformed packets

CVE-2024-41044

Description

In the Linux kernel, the following vulnerability has been resolved:

ppp: reject claimed-as-LCP but actually malformed packets

Since 'ppp_async_encode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'ppp_check_packet()' to ensure that LCP packet has an actual body beyond PPP_LCP header bytes, and reject claimed-as-LCP but actually malformed data otherwise.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

185

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.