Description
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system availability, are all at risk with this vulnerability.
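The improperly constructed bounds check described above, modelled as an added example (not code from the ppp source or from this advisory). The function names, the 256-byte buffer size and the constructed 1000-byte payload are assumptions; the flawed variant only computes the length it would copy, beside a corrected check that tests the number of bytes actually about to be copied.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RHOSTNAME_SZ 256  /* assumed size of the destination buffer */

/* Copy length chosen by a mis-constructed check: it compares the wrong
 * quantity (vallen) against the buffer size, so the truncation branch is
 * almost never taken. Only computes the length; performs no copy. */
static size_t flawed_copy_len(size_t len, size_t vallen, size_t bufsz)
{
    if (vallen >= len + bufsz)
        return bufsz - 1;          /* truncation branch */
    return len - vallen;           /* can exceed bufsz - 1 */
}

/* Corrected form: test the bytes about to be copied (needs vallen <= len). */
static size_t fixed_copy_len(size_t len, size_t vallen, size_t bufsz)
{
    if (len - vallen >= bufsz)
        return bufsz - 1;
    return len - vallen;
}

/* Bounded extraction of the peer name that follows a vallen-byte value in
 * a len-byte payload. Returns bytes stored, or -1 on malformed input. */
static int copy_peer_name(const unsigned char *inp, size_t len, size_t vallen,
                          char *out, size_t outsz)
{
    size_t n;
    if (inp == NULL || out == NULL || outsz == 0 || vallen > len)
        return -1;
    n = fixed_copy_len(len, vallen, outsz);
    memcpy(out, inp + vallen, n);
    out[n] = '\0';
    return (int)n;
}

int main(void)
{
    unsigned char pkt[1000];        /* constructed payload */
    char rhostname[RHOSTNAME_SZ];
    memset(pkt, 'A', sizeof pkt);
    printf("flawed check would copy %zu bytes into %d\n",
           flawed_copy_len(sizeof pkt, 16, sizeof rhostname), RHOSTNAME_SZ);
    printf("fixed copy stores %d bytes\n",
           copy_peer_name(pkt, sizeof pkt, 16, rhostname, sizeof rhostname));
    return 0;
}
```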
Statement
The ppp packages distributed with Red Hat Enterprise Linux versions are compiled using gcc's stack-protector feature. The "Stack Smashing Protection" may help mitigate code execution attacks for this flaw and limit its impact to crash only.
Mitigation
Red Hat is working on providing updated packages that patch this flaw. This flaw can only be mitigated by updating to these package versions. The "Stack Smashing Protection" may help mitigate code execution attacks for this flaw and limit its impact to crash only.
Affected packages
Platform | Package | State | Advisory | Release |
---|---|---|---|---|
Red Hat Enterprise Linux 5 | ppp | Out of support scope | | |
Red Hat Enterprise Linux 5 | rp-pppoe | Not affected | | |
Red Hat Enterprise Linux 6 | rp-pppoe | Not affected | | |
Red Hat Enterprise Linux 7 | rp-pppoe | Not affected | | |
Red Hat Enterprise Linux 6 | ppp | Fixed | RHSA-2020:0631 | 27.02.2020 |
Red Hat Enterprise Linux 7 | ppp | Fixed | RHSA-2020:0630 | 27.02.2020 |
Red Hat Enterprise Linux 8 | ppp | Fixed | RHSA-2020:0633 | 27.02.2020 |
Red Hat Enterprise Linux 8 | ppp | Fixed | RHSA-2020:0633 | 27.02.2020 |
Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | ppp | Fixed | RHSA-2020:0634 | 27.02.2020 |
Additional information
Status:
CVSS3: 9.8 Critical