Several Linux-based operating systems have been affected by a 17-year-old remote code execution (RCE) flaw in the Point-to-Point Protocol daemon (pppd). pppd not only comes pre-installed on most Linux systems but also powers the firmware of popular networking devices.
The RCE flaw was discovered by Ilja Van Sprundel, an IOActive security researcher. The critical flaw is a stack buffer overflow that arises from a logical error in the daemon's Extensible Authentication Protocol (EAP) packet parser.
A hacker can exploit the flaw to execute arbitrary code on an affected system remotely and take full control of it. The flaw is triggered by sending a malformed EAP packet to the target pppd client or server.
What makes the vulnerability so severe is that pppd often runs with high privileges. Thus, if a hacker takes control of a server by exploiting the flaw, they could gain root-level access.
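The flaw class described above is a variable-length field copied into a fixed stack buffer behind a bounds check that gets the comparison wrong. The following is an added illustration, not pppd's code or a reconstruction of the actual bug: a minimal parser for the fixed EAP header plus an Identity name field that performs the two checks any daemon parsing untrusted EAP must get right (the Length field must not exceed the bytes actually received, and the payload must not exceed the destination buffer). The header layout follows RFC 3748; the buffer size, error codes and sample packets are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/*
 * Added illustration (not pppd's code): a bounds-checked parser for the
 * EAP header plus an Identity name field. Both the Length field and the
 * name are attacker-controlled, so each is checked against a real limit.
 */

/* RFC 3748 header: Code(1) Identifier(1) Length(2, network order) Type(1) */
#define EAP_HDR_LEN       5
#define EAP_CODE_REQUEST  1
#define EAP_TYPE_IDENTITY 1
#define NAME_BUF_SZ       16   /* deliberately small so the oversized sample is rejected */

enum eap_status {
    EAP_OK = 0,
    EAP_ERR_SHORT = -1,      /* fewer bytes than a header */
    EAP_ERR_LENGTH = -2,     /* Length field inconsistent with bytes received */
    EAP_ERR_CODE = -3,
    EAP_ERR_TYPE = -4,
    EAP_ERR_TOO_LONG = -5    /* name would overflow the destination buffer */
};

int eap_parse_identity(const uint8_t *pkt, size_t pkt_len, char *name, size_t name_sz)
{
    if (pkt_len < EAP_HDR_LEN)
        return EAP_ERR_SHORT;

    size_t eap_len = ((size_t)pkt[2] << 8) | pkt[3];
    /* Length must cover the header and must never claim more than we actually hold. */
    if (eap_len < EAP_HDR_LEN || eap_len > pkt_len)
        return EAP_ERR_LENGTH;
    if (pkt[0] != EAP_CODE_REQUEST)
        return EAP_ERR_CODE;
    if (pkt[4] != EAP_TYPE_IDENTITY)
        return EAP_ERR_TYPE;

    size_t data_len = eap_len - EAP_HDR_LEN;
    /* The decisive check: compare the payload against the destination size, leaving room for the NUL. */
    if (data_len >= name_sz)
        return EAP_ERR_TOO_LONG;

    memcpy(name, pkt + EAP_HDR_LEN, data_len);
    name[data_len] = '\0';
    return EAP_OK;
}

/* Constructed sample packets (not captured traffic). */
static const uint8_t sample_good[] = {
    0x01, 0x2a, 0x00, 0x0a, 0x01, 'a', 'l', 'i', 'c', 'e' };   /* Length = 10, name "alice" */
static const uint8_t sample_lying_length[] = {
    0x01, 0x2a, 0x04, 0x00, 0x01, 'x' };                       /* Length claims 1024 bytes, 6 received */
static uint8_t sample_oversized[EAP_HDR_LEN + 40];             /* 40-byte name, larger than NAME_BUF_SZ */

int check_good(void)
{
    char name[NAME_BUF_SZ];
    int rc = eap_parse_identity(sample_good, sizeof sample_good, name, sizeof name);
    return rc == EAP_OK && strcmp(name, "alice") == 0;
}

int check_lying_length(void)
{
    char name[NAME_BUF_SZ];
    return eap_parse_identity(sample_lying_length, sizeof sample_lying_length, name, sizeof name);
}

int check_oversized(void)
{
    char name[NAME_BUF_SZ];
    sample_oversized[0] = EAP_CODE_REQUEST;
    sample_oversized[1] = 0x2a;
    sample_oversized[2] = (uint8_t)(sizeof sample_oversized >> 8);
    sample_oversized[3] = (uint8_t)(sizeof sample_oversized & 0xff);
    sample_oversized[4] = EAP_TYPE_IDENTITY;
    memset(sample_oversized + EAP_HDR_LEN, 'A', sizeof sample_oversized - EAP_HDR_LEN);
    return eap_parse_identity(sample_oversized, sizeof sample_oversized, name, sizeof name);
}

int main(void)
{
    printf("good=%d lying_length=%d oversized=%d\n",
           check_good(), check_lying_length(), check_oversized());
    return 0;
}
```

The well-formed packet is accepted and its name copied; the packet whose Length field exceeds the bytes received is refused before any payload is read; the packet whose name is longer than the destination buffer is refused before the copy. A parser that compares the payload against anything other than the real destination size (a wrong variable, an offset-adjusted bound) lets the third case through, which is the shape of the stack overflow the article describes.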
Affected Linux Operating Systems & Devices
According to Mr. Van Sprundel, the flaw is present in pppd versions 2.4.2 through 2.4.8, that is, all versions released in the last 17 years. He has confirmed that the following Linux distributions are affected by the pppd flaw:
- SUSE Linux
- Red Hat Enterprise Linux
Additionally, the following devices also ship the affected versions of pppd and are vulnerable to attack:
- TP-LINK products
- Synology products
- Cisco CallManager
- OpenWRT Embedded OS
We advise our readers to update their systems as soon as a patch is available to avoid a potential attack.