A flaw was found in the Linux Kernel in the HDLC_PPP module. Improper input validation in the ppp_cp_parse_cr function in hdlc_ppp.c leads to memory corruption and read overflow. Reference and upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105
Mitigation: To mitigate this issue, prevent modules hdlc_ppp, syncppp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1883886]
This was fixed for Fedora with the 5.8.12 stable kernel updates.
External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=66d42ed8b25b64eb63111a2b8582c5afc8bf1105
Acknowledgments: Name: ChenNan Of Chaitin (Security Research Lab)
Statement: This flaw is rated as a having Moderate impact, because the bug can be triggered only if PPP protocol enabled.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5437 https://access.redhat.com/errata/RHSA-2020:5437
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:5441 https://access.redhat.com/errata/RHSA-2020:5441
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-25643
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1578 https://access.redhat.com/errata/RHSA-2021:1578
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1739 https://access.redhat.com/errata/RHSA-2021:1739