Check Point Response to CVE-2020-8597 (PPP buffer overflow vulnerability)

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk165875
Technical Level
Severity	Low
Product	All
Version	R80.40, R80.30 (EOL), R80.20 (EOL), R80.10 (EOL), R77.30 (EOL), R80.20.x, R81.10.x
OS	Gaia, Gaia Embedded
Platform / Model	All
Date Created	19-Mar-2020
Last Modified	20-Jul-2022

Symptoms

A buffer overflow flaw was found in the ppp package. Data confidentiality and integrity, as well as system availability, are all at risk with this vulnerability. (CVE-2020-8597)

Cause

The bounds check for the rhostname was improperly constructed in the EAP request and response functions, which could allow a buffer overflow to occur.

Configuring to connect to a malicious server can expose the system to this vulnerability.

Solution

This problem was fixed.

For Gaia OS, the fix is included in:

Jumbo Hotfix Accumulator for R80.40 since Take 25
Jumbo Hotfix Accumulator for R80.30 since Take 195
Jumbo Hotfix Accumulator for R80.20 since Take 149
Jumbo Hotfix Accumulator for R80.10 since Take 278

For Gaia Embedded, this problem was fixed for the 1500 appliance. This fix is included in:

R80.20.02 for Small and Medium Business Appliances

For other appliances and versions:

Applies To:

PMTR-50836 , SMB-11853 , PRJ-10805 , PRJ-10197

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating