NetBSD In-Kernel PPP Multiple Buffer Overflow Vulnerabilities

NetBSD In-Kernel PPP Multiple Buffer Overflow Vulnerabilities

NetBSD's PPP implementation is prone to multiple remote buffer-overflow vulnerabilities because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

A remote attacker can exploit these issues to crash the affected computer, denying service to legitimate users. Arbitrary code execution is possible, but this has not been confirmed.