CVE-2020-6019
First published: Fri Nov 13 2020(Updated: )
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.
Credit: cve@checkpoint.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Valvesoftware Game Networking Sockets | <1.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-6019?
CVE-2020-6019 is a vulnerability in Valve's Game Networking Sockets prior to version v1.2.0 that improperly handles inlined statistics messages, leading to a crash.
How severe is CVE-2020-6019?
CVE-2020-6019 has a severity value of 7.5, which is considered high.
How does CVE-2020-6019 impact the affected software?
CVE-2020-6019 can result in a crash of Valve's Game Networking Sockets prior to version v1.2.0 when inlined statistics messages are improperly handled.
How can I fix CVE-2020-6019?
To fix CVE-2020-6019, upgrade to version v1.2.0 or newer of Valve's Game Networking Sockets.
Are there any references for CVE-2020-6019?
Yes, you can find references for CVE-2020-6019 at the following links: [link1](https://github.com/ValveSoftware/GameNetworkingSockets/commit/d944a10808891d202bb1d5e1998de6e0423af678), [link2](https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/valvesoftware
- canonical/valvesoftware game networking sockets