[manjaro-security] [ASA-202003-3] ppp: arbitrary code execution

Morten Linderud foxboron at archlinux.org
Thu Mar 12 19:31:04 CET 2020


Arch Linux Security Advisory ASA-202003-3
=========================================

Severity: Medium
Date    : 2020-03-07
CVE-ID  : CVE-2020-8597
Package : ppp
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1101

Summary
=======

The package ppp before version 2.4.7-7 is vulnerable to arbitrary code
execution.

Resolution
==========

Upgrade to 2.4.7-7.

# pacman -Syu "ppp>=2.4.7-7"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

A buffer overflow flaw was found in the ppp package in versions 2.4.2
through 2.4.8. The bounds check for the rhostname was improperly
constructed in the EAP request and response functions which could allow
a buffer overflow to occur. Data confidentiality and integrity, as well
as system availability, are all at risk with this vulnerability.

Impact
======

A remote unauthenticated user can crash or possibly execute code on the
host by sending malicious authentication data.

References
==========

https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html
https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
https://seclists.org/fulldisclosure/2020/Mar/6
https://security.archlinux.org/CVE-2020-8597
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.manjaro.org/pipermail/manjaro-security/attachments/20200312/3c139519/attachment.sig>


More information about the manjaro-security mailing list