Hello guys,

The US-CERT has issued an advisory warning users of the new remote code execution (RCE) vulnerability CVE-2020-8597, affecting the PPPD (Point-to-Point Protocol Daemon) installed in almost all flavors of Linux based systems. Other than Linux systems, this vulnerability also affects few other networking applications and devices such as Cisco CallManager, TP-Link products, Synology, and OpenWRT Embedded OS. 

The vulnerability

The vulnerability CVE-2020-8597 exists due to an error in the Extensible Authentication Protocol (EAP) packet parser of the pppd software. If exploited, it could be used by a threat actor to execute arbitrary codes on the affected machines and take full control of them. Since pppd often runs with high privileges along with kernel drivers, this vulnerability could allow attackers to gain system or root-level privileges. 

Affected versions 

Point-to-Point Protocol Daemon version 2.4.2 through 2.4.8 are vulnerable to this flaw. The vulnerability exploits the following Linux distributions as well

• Debian
  

• Ubuntu
  

• SUSE Linux
  

• Fedora
  

• NetBSD
  

• Red Hat Enterprise Linux
  

Patch this vulnerability with Desktop Central

This is a highly critical vulnerability with a CVSS score of 9.8, so we urge users to patch it at the earliest. Search for the following Patch IDs or bulletin IDs, download and deploy the security patches.

Red Hat - https://access.redhat.com/security/cve/cve-2020-8597

• RHSA-2020:0630 - 1076231, 1076232, 1076233
  

• RHSA-2020:0631 - 1076234, 1076235, 1076236, 1076237
  

Debian - https://www.debian.org/security/2020/dsa-4632

• Patch IDs - 802442, 802443, 802444, 802445
  

• Bulletin ID - dsa-4632
  

Ubuntu - https://usn.ubuntu.com/4288-1/

• Patch IDs - 717844, 717845, 717846, 717847, 717848, 717849
  

• Bulletin ID - USN-4288-1
  

Cheers,