Support Center > Search Results > SecureKnowledge Details
Check Point Response to CVE-2020-8597 (PPP buffer overflow vulnerability) Technical Level
Symptoms
  • A buffer overflow flaw was found in the ppp package. Data confidentiality and integrity, as well as system availability, are all at risk with this vulnerability. (CVE-2020-8597)
Cause
The bounds check for the rhostname was improperly constructed in the EAP request and response functions, which could allow a buffer overflow to occur.

Configuring to connect to a malicious server can expose the system to this vulnerability.


Solution
This problem was fixed.

For Gaia OS, the fix is included in:

For Gaia Embedded, this problem was fixed for the 1500 appliance. This fix is included in:

For other appliances and versions, contact Check Point Support to get a Hotfix for this issue.



Applies To:
  • PMTR-50836 , SMB-11853 , PRJ-10805 , PRJ-10197

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment