Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2020-25643

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

  • Published: Oct 6, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-25643
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.2
  • AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:M/Au:S/C:P/I:P/A:C

CWEs:

Software From Fixed in
linux / linux_kernel 5.9.0-rc1 5.9.0-rc1.x
linux / linux_kernel 5.9.0-rc2 5.9.0-rc2.x
linux / linux_kernel 5.9.0-rc3 5.9.0-rc3.x
linux / linux_kernel 5.9.0-rc4 5.9.0-rc4.x
linux / linux_kernel 5.9.0-rc5 5.9.0-rc5.x
linux / linux_kernel 5.9.0-rc6 5.9.0-rc6.x
redhat / enterprise_linux 7.0 7.0.x
redhat / enterprise_linux 8.0 8.0.x
opensuse / leap 15.1 15.1.x
debian / debian_linux 9.0 9.0.x
debian / debian_linux 10.0 10.0.x
opensuse / leap 15.2 15.2.x
starwindsoftware / starwind_virtual_san 8-build12533 8-build12533.x
starwindsoftware / starwind_virtual_san 8-build12658 8-build12658.x
starwindsoftware / starwind_virtual_san 8-build12859 8-build12859.x
starwindsoftware / starwind_virtual_san 8-build13170 8-build13170.x
starwindsoftware / starwind_virtual_san 8-build13586 8-build13586.x
starwindsoftware / starwind_virtual_san 8-build13861 8-build13861.x
linux / linux_kernel 2.6.29 4.4.238
linux / linux_kernel 4.5 4.9.238
linux / linux_kernel 4.10 4.14.200
linux / linux_kernel 4.15 4.19.148
linux / linux_kernel 4.20 5.4.68
linux / linux_kernel 5.5 5.8.12