CVE-2020-27638

Published: 22 October 2020

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.

Priority

Medium

CVSS 3 base score: 7.5

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27638
• https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea
• https://bugs.debian.org/972521
• https://fastd.readthedocs.io/en/stable/releases/v21.html
• https://ubuntu.com/security/notices/USN-4610-1
• https://ubuntu.com/security/notices/USN-4718-1
• NVD
• Launchpad
• Debian

Bugs

• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972521