Endpoint Vulnerability

CVE-2020-8597ppp: Buffer overflow in the eap_request and eap_response functions in eap.c

Description

A buffer overflow flaw was found in the ppp package in versions 2.4.2 through 2.4.8. The bounds check for the rhostname was improperly constructed in the EAP request and response functions which could allow a buffer overflow to occur. Data confidentiality and integrity, as well as system availability, are all at risk with this vulnerability.

Affected Products

ppp

References

CVE-2020-8597,