A flaw was found in the HDLCPPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the pppcpparsecr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
{ "vanir_signatures": [ { "digest": { "function_hash": "213294624572536920392536803029728029828", "length": 1272.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@66d42ed8b25b64eb63111a2b8582c5afc8bf1105", "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-25643-1fb0653e", "target": { "file": "drivers/net/wan/hdlc_ppp.c", "function": "ppp_cp_parse_cr" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "259852537195315013393840858747628930697", "278064326950345498167966119542143103627", "225442760769613999068185958334139097137", "303495843912445373248117857828241009418", "285971749956729153231624814514476309256", "215817079319689273964601183695418501944", "89188188915558469410071906580326161541", "143897668736729636807870104756978654690", "126785931631720938191469060597106863605", "190660006075574507021613738252878960104", "189278412584685651118477633768551468213", "34848818942520512158216835470050129429", "161275642748748809549394103238029851758", "191801167234308979409144881729143153912", "164481187292329266636743196375784335979", "227906998635128978164303086354101444468", "19543056598568660113214050356875488152", "149431600307294339457962273345594140018", "142709403254741912452167945474108054743", "136200670518602464928917941781255634806" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@66d42ed8b25b64eb63111a2b8582c5afc8bf1105", "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2020-25643-55166bc6", "target": { "file": "drivers/net/wan/hdlc_ppp.c" } } ] }