mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-28 01:50:39 +01:00
833 B
833 B
CVE-2015-8569
Description
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.