7.5
CVE-2026-53003
- EPSS 0.51%
- Veröffentlicht 24.06.2026 16:29:15
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
pppoe: drop PFC frames
In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an uncompressed (2-byte) protocol field. However, the generic PPP layer function ppp_input() is not aware of the negotiation result, and still accepts PFC frames. If a peer with a broken implementation or an attacker sends a frame with a compressed (1-byte) protocol field, the subsequent PPP payload is shifted by one byte. This causes the network header to be 4-byte misaligned, which may trigger unaligned access exceptions on some architectures. To reduce the attack surface, drop PPPoE PFC frames. Introduce ppp_skb_is_compressed_proto() helper function to be used in both ppp_generic.c and pppoe.c to avoid open-coding.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
cb3beef35ab5e0c1afca9fd7648c6ae499786377
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
ba758fdf1399f310b30098b6faa3fd043de47dd2
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
fcca1df05322bb04e344dd1178b54b76a08eb7c3
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
8a5e840babc5c0fbd10c73728a13192347771ec6
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
49e41b60ccd1bdbe9e218420f716dd5f9a2f9c71
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
0cab5d077dd1efd2bd1a47271acc35894f945b4f
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
2b5c3c040d020e3ab3b9a8887031202d96843b1e
Status
affected
Version
7fb1b8ca8fa1ee34ffc328f17f78da68c7cc04e6
Version <
cc1ff87bce1ccd38410ab10960f576dcd17db679
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.0
Status
affected
Version
0
Version <
5.0
Status
unaffected
Version <=
5.10.*
Version
5.10.258
Status
unaffected
Version <=
5.15.*
Version
5.15.209
Status
unaffected
Version <=
6.1.*
Version
6.1.175
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.51% | 0.395 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
https://git.kernel.org/stable/c/cb3beef35ab5e0c1afca9fd7648c6ae499786377
https://git.kernel.org/stable/c/ba758fdf1399f310b30098b6faa3fd043de47dd2
https://git.kernel.org/stable/c/fcca1df05322bb04e344dd1178b54b76a08eb7c3
https://git.kernel.org/stable/c/8a5e840babc5c0fbd10c73728a13192347771ec6
https://git.kernel.org/stable/c/49e41b60ccd1bdbe9e218420f716dd5f9a2f9c71
https://git.kernel.org/stable/c/0cab5d077dd1efd2bd1a47271acc35894f945b4f
https://git.kernel.org/stable/c/2b5c3c040d020e3ab3b9a8887031202d96843b1e
https://git.kernel.org/stable/c/cc1ff87bce1ccd38410ab10960f576dcd17db679