CVE-2020-8597: Buffer Overflow
First published: Mon Feb 03 2020(Updated: )
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/ppp | <=2.4.7-2+4.1<=2.4.7-1+4 | 2.4.8-1+1~exp1 2.4.7-2+4.1+deb10u1 2.4.7-1+4+deb9u1 |
| Point-to-point Protocol Project Point-to-point Protocol | >=2.4.2<=2.4.8 | |
| Wago Pfc Firmware | <03.04.10\(16\) | |
| WAGO PFC100 | ||
| WAGO PFC200 | ||
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Canonical Ubuntu Linux | =12.04 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =19.04 | |
| All of | ||
| Wago Pfc Firmware | <03.04.10\(16\) | |
| Any of | ||
| WAGO PFC100 | ||
| WAGO PFC200 | ||
| Google Android | ||
| Siemens RUGGEDCOM RM1224 | <6.3 | 6.3 |
| Siemens SCALANCE M-800 / S615 | <6.3 | 6.3 |
| ubuntu/ppp | <2.4.7-2+2ubuntu1.2 | 2.4.7-2+2ubuntu1.2 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu4.1 | 2.4.7-2+4.1ubuntu4.1 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.7-2+4.1ubuntu5 | 2.4.7-2+4.1ubuntu5 |
| ubuntu/ppp | <2.4.5-5.1ubuntu2.3+ | 2.4.5-5.1ubuntu2.3+ |
| ubuntu/ppp | <2.4.7-1+2ubuntu1.16.04.2 | 2.4.7-1+2ubuntu1.16.04.2 |
| debian/lwip | 2.1.2+dfsg1-8+deb11u1 2.1.3+dfsg1-2 2.2.0+dfsg1-7 | |
| debian/ppp | 2.4.9-1+1 2.4.9-1+1.1 2.5.0-1+2 |
Remedy
http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2020-8597
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
- https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950618
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html
- http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html
- http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2020/Mar/6
- https://access.redhat.com/errata/RHSA-2020:0630
- https://access.redhat.com/errata/RHSA-2020:0631
- https://access.redhat.com/errata/RHSA-2020:0633
- https://access.redhat.com/errata/RHSA-2020:0634
- https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf
- https://kb.netgear.com/000061806/Security-Advisory-for-Unauthenticated-Remote-Buffer-Overflow-Attack-in-PPPD-on-WAC510-PSV-2020-0136
- https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/
- https://security.gentoo.org/glsa/202003-19
- https://security.netapp.com/advisory/ntap-20200313-0004/
- https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04
- https://usn.ubuntu.com/4288-1/
- https://usn.ubuntu.com/4288-2/
- https://www.debian.org/security/2020/dsa-4632
- https://www.kb.cert.org/vuls/id/782301
- https://www.synology.com/security/advisory/Synology_SA_20_02
- https://launchpad.net/bugs/cve/CVE-2020-8597
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1800734
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1800727#c8
- https://access.redhat.com/security/cve/cve-2020-8597
- https://bugzilla.redhat.com/show_bug.cgi?id=1800727
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/
- http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
- https://android.googlesource.com/platform/external/ppp/+/f9fec5c36952301e585a420f31e96d35a60d0498
- https://source.android.com/docs/security/bulletin/2020-06-01 (Advisory)
- https://www.cisa.gov/news-events/ics-advisories/icsa-20-224-04 (Advisory)
- https://ubuntu.com/security/notices/USN-4288-1
- https://ubuntu.com/security/notices/USN-4288-2
- https://www.cve.org/CVERecord?id=CVE-2020-8597
- https://nvd.nist.gov/vuln/detail/CVE-2020-8597
- https://ubuntu.com/security/CVE-2020-8597
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2020-8597.
What is the severity of CVE-2020-8597?
The severity of CVE-2020-8597 is critical with a severity value of 9.8.
What is the affected software?
The affected software includes ppp versions 2.4.2 through 2.4.8 on Debian and Ubuntu systems, lwip on Debian systems, and Android devices.
How can I fix the vulnerability in pppd?
To fix the vulnerability in pppd, update to version 2.4.9-1+1 or later on Debian systems, and follow the recommended updates for Ubuntu and Android devices.
Where can I find more information about CVE-2020-8597?
You can find more information about CVE-2020-8597 at the following references: [Link 1](https://android.googlesource.com/platform/external/ppp/+/f9fec5c36952301e585a420f31e96d35a60d0498), [Link 2](https://source.android.com/docs/security/bulletin/2020-06-01), [Link 3](https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426).
- collector/debian-bugs
- alias/CVE-2020-8597
- collector/nvd-index
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- agent/first-publish-date
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/weakness
- agent/description
- collector/security-tracker-debian
- source/Debian
- collector/android-source
- source/Android
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup-request
- agent/references
- agent/softwarecombine
- agent/tags
- agent/event
- collector/usn-cve
- source/Ubuntu
- package-manager/debian
- vendor/point-to-point protocol project
- canonical/point-to-point protocol project point-to-point protocol
- version/point-to-point protocol project point-to-point protocol/2.4.2
- version/point-to-point protocol project point-to-point protocol/2.4.8
- vendor/wago
- canonical/wago pfc firmware
- canonical/wago pfc100
- canonical/wago pfc200
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/12.04
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/19.04
- vendor/google
- canonical/google android
- vendor/siemens
- canonical/siemens ruggedcom rm1224
- canonical/siemens scalance m-800 / s615
- package-manager/ubuntu