CVE-2024-58250

EUVD-2025-12338
The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
mitreCNA
9.3 CRITICAL
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
sambappp
𝑥
< 2.5.2
CNA
Debian logo
Debian Releases
Debian Product
Codename
ppp
bookworm
ignored
bullseye
ignored
forky
2.5.2-1+1.1
fixed
sid
2.5.2-1+1.1
fixed
trixie
2.5.2-1+1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ppp
bionic
ignored
focal
ignored
jammy
ignored
noble
ignored
oracular
ignored
plucky
not-affected
trusty
ignored
xenial
ignored
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
ppp
Amazon Linux 1
0:2.4.5-11.10.amzn1
fixed
Amazon Linux 2
0:2.4.5-33.amzn2.0.4
fixed
ppp-debuginfo
Amazon Linux 1
0:2.4.5-11.10.amzn1
fixed
Amazon Linux 2
0:2.4.5-33.amzn2.0.4
fixed
ppp-devel
Amazon Linux 1
0:2.4.5-11.10.amzn1
fixed
Amazon Linux 2
0:2.4.5-33.amzn2.0.4
fixed