CVE-2020-8597: Buffer Overflow
First published: Mon Feb 03 2020(Updated: )
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/ppp | <=2.4.7-2+4.1<=2.4.7-1+4 | 2.4.8-1+1~exp1 2.4.7-2+4.1+deb10u1 2.4.7-1+4+deb9u1 |
| ubuntu/ppp | <2.4.7-2+2ubuntu1.2 | 2.4.7-2+2ubuntu1.2 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu4.1 | 2.4.7-2+4.1ubuntu4.1 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.5-5.1ubuntu2.3+ | 2.4.5-5.1ubuntu2.3+ |
| ubuntu/ppp | <2.4.7-1+2ubuntu1.16.04.2 | 2.4.7-1+2ubuntu1.16.04.2 |
| debian/lwip | 2.1.2+dfsg1-8+deb11u1 2.1.3+dfsg1-2 2.2.0+dfsg1-7 | |
| debian/ppp | 2.4.9-1+1 2.4.9-1+1.1 2.5.0-1+2 | |
| Siemens RUGGEDCOM RM1224 (6GK6108-4AM00) | <6.3 | 6.3 |
| Siemens SCALANCE S615 firmware | <6.3 | 6.3 |
| Android | ||
| Point-to-Point Protocol (PPP) | >=2.4.2<=2.4.8 | |
| All of | ||
| WAGO PFC Firmware | <03.04.10\(16\) | |
| Any of | ||
| WAGO PFC 100 | ||
| WAGO PFC 200 | ||
| Debian | =9.0 | |
| Debian | =10.0 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.04 | |
| WAGO PFC Firmware | <03.04.10\(16\) | |
| WAGO PFC 100 | ||
| WAGO PFC 200 |
Remedy
http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2020-8597
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
- https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950618
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html
- http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html
- http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2020/Mar/6
- https://access.redhat.com/errata/RHSA-2020:0630
- https://access.redhat.com/errata/RHSA-2020:0631
- https://access.redhat.com/errata/RHSA-2020:0633
- https://access.redhat.com/errata/RHSA-2020:0634
- https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf
- https://kb.netgear.com/000061806/Security-Advisory-for-Unauthenticated-Remote-Buffer-Overflow-Attack-in-PPPD-on-WAC510-PSV-2020-0136
- https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/
- https://security.gentoo.org/glsa/202003-19
- https://security.netapp.com/advisory/ntap-20200313-0004/
- https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04
- https://usn.ubuntu.com/4288-1/
- https://usn.ubuntu.com/4288-2/
- https://www.debian.org/security/2020/dsa-4632
- https://www.kb.cert.org/vuls/id/782301
- https://www.synology.com/security/advisory/Synology_SA_20_02
- https://launchpad.net/bugs/cve/CVE-2020-8597
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1800734
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1800727#c8
- https://access.redhat.com/security/cve/cve-2020-8597
- https://bugzilla.redhat.com/show_bug.cgi?id=1800727
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/
- http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
- https://android.googlesource.com/platform/external/ppp/+/f9fec5c36952301e585a420f31e96d35a60d0498
- https://source.android.com/docs/security/bulletin/2020-06-01 (Advisory)
- https://www.cisa.gov/news-events/ics-advisories/icsa-20-224-04 (Advisory)
- https://ubuntu.com/security/notices/USN-4288-1
- https://ubuntu.com/security/notices/USN-4288-2
- https://www.cve.org/CVERecord?id=CVE-2020-8597
- https://nvd.nist.gov/vuln/detail/CVE-2020-8597
- https://ubuntu.com/security/CVE-2020-8597
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-8597.
What is the severity of CVE-2020-8597?
The severity of CVE-2020-8597 is critical with a severity value of 9.8.
What is the affected software?
The affected software includes ppp versions 2.4.2 through 2.4.8 on Debian and Ubuntu systems, lwip on Debian systems, and Android devices.
How can I fix the vulnerability in pppd?
To fix the vulnerability in pppd, update to version 2.4.9-1+1 or later on Debian systems, and follow the recommended updates for Ubuntu and Android devices.
Where can I find more information about CVE-2020-8597?
You can find more information about CVE-2020-8597 at the following references: [Link 1](https://android.googlesource.com/platform/external/ppp/+/f9fec5c36952301e585a420f31e96d35a60d0498), [Link 2](https://source.android.com/docs/security/bulletin/2020-06-01), [Link 3](https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426).
- collector/debian-bugs
- alias/CVE-2020-8597
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/event
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- collector/security-tracker-debian
- source/Debian
- agent/trending
- agent/source
- agent/author
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/android-source
- source/Android
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- package-manager/debian
- package-manager/ubuntu
- vendor/siemens
- canonical/siemens ruggedcom rm1224 (6gk6108-4am00)
- canonical/siemens scalance s615 firmware
- vendor/google
- canonical/android
- vendor/point-to-point protocol project
- canonical/point-to-point protocol (ppp)
- version/point-to-point protocol (ppp)/2.4.2
- version/point-to-point protocol (ppp)/2.4.8
- vendor/wago
- canonical/wago pfc firmware
- canonical/wago pfc 100
- canonical/wago pfc 200
- vendor/debian
- canonical/debian
- version/debian/9.0
- version/debian/10.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.04