CVE-2020-25643
kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Se encontró un fallo de corrupción de la memoria en el kernel de Linux en versiones anteriores a 5.9-rc7, en el módulo HDLC_PPP en la manera en que recibe paquetes malformados por el protocolo PPP. Un usuario remoto podría usar este fallo para bloquear el sistema o causar una denegación de servicio
A flaw was found in the HDLC_PPP module of the Linux kernel. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-09-16 CVE Reserved
- 2020-10-06 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2020/10/msg00028.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20201103-0002 | Third Party Advisory |
|
| https://www.starwindsoftware.com/security/sw-20210325-0002 | Third Party Advisory |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | H410c Firmware Search vendor "Netapp" for product "H410c Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | H410c Search vendor "Netapp" for product "H410c" | - | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 4.4.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 4.4.238" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.5 < 4.9.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.238" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 4.14.200 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.14.200" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.148 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.148" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.68 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.68" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5 < 5.8.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5 < 5.8.12" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc1 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc2 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc3 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc4 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc5 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 5.9.0 Search vendor "Linux" for product "Linux Kernel" and version "5.9.0" | rc6 |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.2 Search vendor "Opensuse" for product "Leap" and version "15.2" | - |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build12533, vsphere |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build12658, vsphere |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build12859, vsphere |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build13170, vsphere |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build13586, vsphere |
Affected
| ||||||
| Starwindsoftware Search vendor "Starwindsoftware" | Starwind Virtual San Search vendor "Starwindsoftware" for product "Starwind Virtual San" | v8 Search vendor "Starwindsoftware" for product "Starwind Virtual San" and version "v8" | build13861, vsphere |
Affected
| ||||||