CVE-2020-4067: Improper Initialization in coturn
First published: Mon Jun 29 2020(Updated: )
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.
Credit: security-advisories@github.com security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ubuntu/coturn | <4.5.0.7-1ubuntu2.18.04.2 | 4.5.0.7-1ubuntu2.18.04.2 |
| ubuntu/coturn | <4.5.1.1-1.1ubuntu0.19.10.1 | 4.5.1.1-1.1ubuntu0.19.10.1 |
| ubuntu/coturn | <4.5.1.1-1.1ubuntu0.20.04.1 | 4.5.1.1-1.1ubuntu0.20.04.1 |
| ubuntu/coturn | <4.5.1.3-1 | 4.5.1.3-1 |
| ubuntu/coturn | <4.5.0.3-1ubuntu0.3 | 4.5.0.3-1ubuntu0.3 |
| debian/coturn | 4.5.2-3 4.6.1-1 4.6.1-2 | |
| coturn | <4.5.1.3 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Fedoraproject Fedora | =31 | |
| Fedoraproject Fedora | =32 | |
| Ubuntu Linux | =16.04 | |
| Ubuntu Linux | =18.04 | |
| Ubuntu Linux | =19.10 | |
| Ubuntu Linux | =20.04 | |
| openSUSE | =15.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html
- https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15
- https://github.com/coturn/coturn/issues/583
- https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm
- https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/
- https://usn.ubuntu.com/4415-1/
- https://www.debian.org/security/2020/dsa-4711
- https://launchpad.net/bugs/cve/CVE-2020-4067
- https://github.com/coturn/coturn/commit/170da1140797748ae85565b5a93a2e35e7b07b6a
- https://security-tracker.debian.org/tracker/CVE-2020-4067
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/
- https://ubuntu.com/security/notices/USN-4415-1
- https://www.cve.org/CVERecord?id=CVE-2020-4067
- https://nvd.nist.gov/vuln/detail/CVE-2020-4067
- https://ubuntu.com/security/CVE-2020-4067
- agent/author
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/ubuntu
- package-manager/debian
- vendor/coturn project
- canonical/coturn
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/31
- version/fedoraproject fedora/32
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/16.04
- version/ubuntu linux/18.04
- version/ubuntu linux/19.10
- version/ubuntu linux/20.04
- vendor/opensuse
- canonical/opensuse
- version/opensuse/15.2