CVE-2020-25643

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-25643
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-25643.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-25643
Downstream
Related
Published
2020-10-06T14:15:12.683Z
Modified
2026-04-16T00:07:11.738149117Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in the HDLCPPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the pppcpparsecr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build12533"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build12658"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build12859"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12859:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build13170"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13170:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build13586"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13586:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "v8-build13861"
                }
            ],
            "cpe": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build13861:*:*:*:vsphere:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "10.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "9.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "introduced": "2.6.29"
                },
                {
                    "fixed": "4.4.238"
                },
                {
                    "introduced": "4.5"
                },
                {
                    "fixed": "4.9.238"
                },
                {
                    "introduced": "4.10"
                },
                {
                    "fixed": "4.14.200"
                },
                {
                    "introduced": "4.15"
                },
                {
                    "fixed": "4.19.148"
                },
                {
                    "introduced": "4.20"
                },
                {
                    "fixed": "5.4.68"
                },
                {
                    "introduced": "5.5"
                },
                {
                    "fixed": "5.8.12"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc1"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc1:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc2"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc2:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc3"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc3:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc4"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc4:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc5"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc5:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "5.9.0-rc6"
                }
            ],
            "cpe": "cpe:2.3:o:linux:linux_kernel:5.9.0:rc6:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "15.1"
                }
            ],
            "cpe": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "15.2"
                }
            ],
            "cpe": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                }
            ],
            "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "cpe": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
            "source": "CPE_FIELD"
        }
    ]
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
a1b8638ba1320e6684aa98233c15255eb803fac7
Fixed
66d42ed8b25b64eb63111a2b8582c5afc8bf1105
Database specific 
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.9-rc7"
        }
    ],
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-25643.json"