An update for ppp is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1479 Final 1.0 1.0 2025-05-09 Initial 2025-05-09 2025-05-09 openEuler SA Tool V1.0 2025-05-09 ppp security update An update for ppp is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS The Point-to-Point Protocol (PPP) provides a standard way to establish a network connection over a serial link. At present, this package supports IP and IPV6 and the protocols layered above them, such as TCP and UDP. The Linux port of this package also has support for IPX. Security Fix(es): The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.(CVE-2024-58250) An update for ppp is now available for openEuler-24.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Critical ppp https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1479 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-58250 https://nvd.nist.gov/vuln/detail/CVE-2024-58250 openEuler-24.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS ppp-2.5.0-5.oe2403sp1.aarch64.rpm ppp-debuginfo-2.5.0-5.oe2403sp1.aarch64.rpm ppp-debugsource-2.5.0-5.oe2403sp1.aarch64.rpm ppp-devel-2.5.0-5.oe2403sp1.aarch64.rpm ppp-2.4.8-8.oe2003sp4.aarch64.rpm ppp-debuginfo-2.4.8-8.oe2003sp4.aarch64.rpm ppp-debugsource-2.4.8-8.oe2003sp4.aarch64.rpm ppp-devel-2.4.8-8.oe2003sp4.aarch64.rpm ppp-2.4.9-8.oe2203sp3.aarch64.rpm ppp-debuginfo-2.4.9-8.oe2203sp3.aarch64.rpm ppp-debugsource-2.4.9-8.oe2203sp3.aarch64.rpm ppp-devel-2.4.9-8.oe2203sp3.aarch64.rpm ppp-2.4.9-8.oe2203sp4.aarch64.rpm ppp-debuginfo-2.4.9-8.oe2203sp4.aarch64.rpm ppp-debugsource-2.4.9-8.oe2203sp4.aarch64.rpm ppp-devel-2.4.9-8.oe2203sp4.aarch64.rpm ppp-2.5.0-5.oe2403.aarch64.rpm ppp-debuginfo-2.5.0-5.oe2403.aarch64.rpm ppp-debugsource-2.5.0-5.oe2403.aarch64.rpm ppp-devel-2.5.0-5.oe2403.aarch64.rpm ppp-2.5.0-5.oe2403sp1.src.rpm ppp-2.4.8-8.oe2003sp4.src.rpm ppp-2.4.9-8.oe2203sp3.src.rpm ppp-2.4.9-8.oe2203sp4.src.rpm ppp-2.5.0-5.oe2403.src.rpm ppp-2.5.0-5.oe2403sp1.x86_64.rpm ppp-debuginfo-2.5.0-5.oe2403sp1.x86_64.rpm ppp-debugsource-2.5.0-5.oe2403sp1.x86_64.rpm ppp-devel-2.5.0-5.oe2403sp1.x86_64.rpm ppp-2.4.8-8.oe2003sp4.x86_64.rpm ppp-debuginfo-2.4.8-8.oe2003sp4.x86_64.rpm ppp-debugsource-2.4.8-8.oe2003sp4.x86_64.rpm ppp-devel-2.4.8-8.oe2003sp4.x86_64.rpm ppp-2.4.9-8.oe2203sp3.x86_64.rpm ppp-debuginfo-2.4.9-8.oe2203sp3.x86_64.rpm ppp-debugsource-2.4.9-8.oe2203sp3.x86_64.rpm ppp-devel-2.4.9-8.oe2203sp3.x86_64.rpm ppp-2.4.9-8.oe2203sp4.x86_64.rpm ppp-debuginfo-2.4.9-8.oe2203sp4.x86_64.rpm ppp-debugsource-2.4.9-8.oe2203sp4.x86_64.rpm ppp-devel-2.4.9-8.oe2203sp4.x86_64.rpm ppp-2.5.0-5.oe2403.x86_64.rpm ppp-debuginfo-2.5.0-5.oe2403.x86_64.rpm ppp-debugsource-2.5.0-5.oe2403.x86_64.rpm ppp-devel-2.5.0-5.oe2403.x86_64.rpm ppp-help-2.5.0-5.oe2403sp1.noarch.rpm ppp-help-2.4.8-8.oe2003sp4.noarch.rpm ppp-help-2.4.9-8.oe2203sp3.noarch.rpm ppp-help-2.4.9-8.oe2203sp4.noarch.rpm ppp-help-2.5.0-5.oe2403.noarch.rpm The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. 2025-05-09 CVE-2024-58250 openEuler-24.03-LTS-SP1 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS Critical 9.3 AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H ppp security update 2025-05-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1479