CVE-2020-25643

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:5.9.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.9.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.9.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.9.0:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.9.0:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.9.0:rc6:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*

Information

Published : 2020-10-06 07:15

Updated : 2022-10-25 09:55


NVD link : CVE-2020-25643

Mitre link : CVE-2020-25643


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

netapp

  • h410c_firmware
  • h410c

redhat

  • enterprise_linux

linux

  • linux_kernel

opensuse

  • leap

debian

  • debian_linux

starwindsoftware

  • starwind_virtual_san