A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash.
External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-6831
Acknowledgments:
Name: the Mozilla project
Upstream: Natalie Silvanovich (Google Project Zero)
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2033 https://access.redhat.com/errata/RHSA-2020:2033
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2032 https://access.redhat.com/errata/RHSA-2020:2032
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2031 https://access.redhat.com/errata/RHSA-2020:2031
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-6831
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2037 https://access.redhat.com/errata/RHSA-2020:2037
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2036 https://access.redhat.com/errata/RHSA-2020:2036
This issue was also fixed in Google Chrome 81.0.4044.138:
https://chromereleases.googleblog.com/2020/05/stable-channel-update-for-desktop.html
https://bugs.chromium.org/p/chromium/issues/detail?id=1073602
Related fixes as applied to Mozilla mercurial repo:
https://hg.mozilla.org/releases/mozilla-release/rev/35616be71c33a7a4707b3a2f42af9b67d8ddcdb9
https://hg.mozilla.org/releases/mozilla-release/rev/e3b02434661ad795beea1baccce52f589bdc0269
The fix in usrsctp upstream git repo:
https://github.com/sctplab/usrsctp/commit/858d2f73019f73bd2c1691bab75c2022640b82e7
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions Via RHSA-2020:2048 https://access.redhat.com/errata/RHSA-2020:2048
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2020:2047 https://access.redhat.com/errata/RHSA-2020:2047
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:2046 https://access.redhat.com/errata/RHSA-2020:2046
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2020:2049 https://access.redhat.com/errata/RHSA-2020:2049
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:2050 https://access.redhat.com/errata/RHSA-2020:2050
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2020:2064 https://access.redhat.com/errata/RHSA-2020:2064