suse · CVE-2015-3310

Quick triage

Priority: medium Published: 2021-05-30 13:29:51 UTC Updated: 2026-04-18 18:19:45 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-3310 severity moderate: SUSE including 24 source package names (ppp-2.4.5.git-2.31.7, ppp-2.4.7-150000.5.10.3, …), 53 product×package rows across 42 product lines (SUSE Linux Enterprise Desktop 12 SP1, SUSE Linux Enterprise Desktop 12 SP2, … (42 product lines)): Fixed 53.

Description:

Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server.

cvelogic Threat Intelligence