tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: NetBSD Security Advisory 2008-010: Malicious PPPoE discovery packet can overrun a kernel buffer

NetBSD Security-Officer <> writes:
> Solutions and Workarounds
> =========================
> The pseudo-device pppoe is present in GENERIC kernels.  The system must
> be configured with a pppoe(4) instance.
> For all NetBSD versions, you need to obtain fixed kernel sources,
> rebuild and install the new kernel, and reboot the system.

This text is ambiguous -- a naive reader might not understand that if
there are no pppoe instances the kernel cannot be attacked.

Perry E. Metzger      

Home | Main Index | Thread Index | Old Index