Vulnerability - CVE-2024-58250

Name

CVE-2024-58250

Source

NVD ( link)Debian ( link)

Description

The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.

CWEs

CWE-426

Published Date

Apr 22, 2025

Updated Date

Jun 17, 2026

Workaround

Advisories

Analysis#

Affected Component

Analysis

ppp

Patched

Vulnerability Ratings#

9.3

CVSSv31

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

ppp

yocto

kirkstone

2.4.9

Patched

ppp

yocto

master

2.5.3

Not Affected

Resolved with patches#

ppp (yocto:kirkstone)

Title

Author

Resolve

pppd: Remove passprompt plugin

Paul Mackerras <paulus@ozlabs.org>

CVE-2024-58250

ppp (yocto:scarthgap)

Title

Author

Resolve

pppd: Remove passprompt plugin

Paul Mackerras <paulus@ozlabs.org>

CVE-2024-58250