CVE-2020-4067 — HIGH (7.0) — White Hats Nepal

Q: How severe is CVE-2020-4067?

CVE-2020-4067 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-4067?

Check the references section above for vendor advisories and patch information. Affected products include: Coturn Project Coturn, Debian Debian Linux, Fedoraproject Fedora, Canonical Ubuntu Linux, Opensuse Leap.

Vulnerability Description

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.

CVSS Score

7.0

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Coturn Project	Coturn	< 4.5.1.3
Debian	Debian Linux	8.0
Fedoraproject	Fedora	31
Canonical	Ubuntu Linux	16.04
Opensuse	Leap	15.2

Related Weaknesses (CWE)

CWE-665

References

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.htmlMailing ListThird Party Advisory
https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/CRelease Notes
https://github.com/coturn/coturn/issues/583Issue TrackingThird Party Advisory
https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcmThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/07/msg00002.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://usn.ubuntu.com/4415-1/Third Party Advisory
https://www.debian.org/security/2020/dsa-4711Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.htmlMailing ListThird Party Advisory
https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/CRelease Notes
https://github.com/coturn/coturn/issues/583Issue TrackingThird Party Advisory
https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcmThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/07/msg00002.htmlMailing ListThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro

FAQ

What is CVE-2020-4067?

CVE-2020-4067 is a vulnerability with a CVSS score of 7.0 (HIGH). In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an a...

How severe is CVE-2020-4067?

CVE-2020-4067 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-4067?

Check the references section above for vendor advisories and patch information. Affected products include: Coturn Project Coturn, Debian Debian Linux, Fedoraproject Fedora, Canonical Ubuntu Linux, Opensuse Leap.