CVE-2019-20503
published 2020-03-06CVE-2019-20503: usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
PriorityP430medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
3.16%
86.4th percentile
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| chromium | chromium | >= 0 < 80.0.3987.149-1 | 80.0.3987.149-1 |
| chromium | chromium | >= 0 < 80.0.3987.149-1 | 80.0.3987.149-1 |
| chromium | chromium | >= 0 < 80.0.3987.149-1 | 80.0.3987.149-1 |
| chromium | chromium | >= 0 < 80.0.3987.149-1 | 80.0.3987.149-1 |
| debian | chromium | < chromium 80.0.3987.149-1 (bookworm) | chromium 80.0.3987.149-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | firefox | < chromium 80.0.3987.149-1 (bookworm) | chromium 80.0.3987.149-1 (bookworm) |
| debian | firefox-esr | < chromium 80.0.3987.149-1 (bookworm) | chromium 80.0.3987.149-1 (bookworm) |
| debian | libusrsctp | < chromium 80.0.3987.149-1 (bookworm) | chromium 80.0.3987.149-1 (bookworm) |
| debian | thunderbird | < chromium 80.0.3987.149-1 (bookworm) | chromium 80.0.3987.149-1 (bookworm) |
| chrome_chrome | — | — | |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 74.0+build3-0ubuntu0.16.04.1 | 74.0+build3-0ubuntu0.16.04.1 |
| mozilla | firefox | >= 0 < 74.0+build3-0ubuntu0.18.04.1 | 74.0+build3-0ubuntu0.18.04.1 |
| mozilla | thunderbird | >= 0 < 1:68.6.0-1 | 1:68.6.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.6.0-1 | 1:68.6.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.6.0-1 | 1:68.6.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.6.0-1 | 1:68.6.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.7.0+build1-0ubuntu0.16.04.2 | 1:68.7.0+build1-0ubuntu0.16.04.2 |
| mozilla | thunderbird | >= 0 < 1:68.7.0+build1-0ubuntu0.18.04.1 | 1:68.7.0+build1-0ubuntu0.18.04.1 |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv8.8HIGH
vendor_ubuntu8.8HIGH
vendor_debian6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2020-04-21·CVSS 8.8
CVE-2019-11745 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Several security issues were fixed in Thunderbird.
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, bypass
same-origin restrictions, conduct cross-site scripting (XSS) attacks, or
execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,
CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,
CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010,
CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017,
CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503,
CVE-2020-6798,
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2020-04-13·CVSS 6.5
CVE-2020-6792 [MEDIUM] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Several security issues were fixed in Thunderbird.
It was discovered that Message ID calculation was based on uninitialized
data. An attacker could potentially exploit this to obtain sensitive
information. (CVE-2020-6792)
Mutiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted message, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795,
CVE-2020-6822)
It was discovered that if a user saved passwords before Thunderbird 60
and then later set a master password, an unencrypted copy of these
passwords would still be accessible. A local user could exploit this to
obtain sensitive info
Chrome
Stable Channel Update for Desktop: CVE-2020-6429
vendor_chrome·2020-03-18·CVSS 6.5
CVE-2020-6429 [HIGH] Stable Channel Update for Desktop: CVE-2020-6429
Stable Channel Update for Desktop
CVE-2020-6429: Use after free in audio. Reported by Man Yue Mo of GitHub Security Lab on 2020-03-02
[$NA][ 1059349 ] High CVE-2019-20503: Out of bounds read in usersctplib
Reported by Natalie Silvanovich of Google Project Zero on 2020-03-06
Severity: high
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2020-03-11·CVSS 6.5
CVE-2019-20503 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the URL or
other browser chrome, obtain sensitive information, bypass Content
Security Policy (CSP) protections, or execute arbitrary code.
(CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807,
CVE-2020-6808, CVE-2020-6810, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814,
CVE-2020-6815)
It was discovered that Web Extensions with the all-url permission could
access local files. If a user were tricked in to installing a specially
crafted extension, an attac
Microsoft
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
vendor_msrc·2020-03-10·CVSS 6.5
CVE-2019-20503 [MEDIUM] CWE-125 usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
mitre: mitre
Customer Action Required: Yes
Remediation: CBL-Mariner Releas
Red Hat
usrsctp: Out of bounds reads in sctp_load_addresses_from_init()
vendor_redhat·2020-03-10·CVSS 6.5
CVE-2019-20503 [MEDIUM] CWE-125 usrsctp: Out of bounds reads in sctp_load_addresses_from_init()
usrsctp: Out of bounds reads in sctp_load_addresses_from_init()
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
The Mozilla Foundation Security Advisory describes this flaw as:
The inputs to `sctp_load_addresses_from_init` are verified by `sctp_arethere_unrecognized_parameters`; however, the two functions handled parameter bounds differently, resulting in out of bounds reads when parameters are partially outside a chunk.
Package: firefox (Red Hat Enterprise Linux 5) - Out of support scope
Package: thunderbird (Red Hat Enterprise Linux 5) - Out of support scope
Debian
CVE-2019-20503: chromium - usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_in...
vendor_debian·2019·CVSS 6.5
CVE-2019-20503 [MEDIUM] CVE-2019-20503: chromium - usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_in...
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
Scope: local
bookworm: resolved (fixed in 80.0.3987.149-1)
bullseye: resolved (fixed in 80.0.3987.149-1)
forky: resolved (fixed in 80.0.3987.149-1)
sid: resolved (fixed in 80.0.3987.149-1)
trixie: resolved (fixed in 80.0.3987.149-1)
Mozilla
Mozilla Foundation Security Advisory 2020-10: CVE-2019-20503
vendor_mozilla·CVSS 6.5
CVE-2019-20503 [MEDIUM] Mozilla Foundation Security Advisory 2020-10: CVE-2019-20503
Mozilla Foundation Security Advisory 2020-10
CVE: CVE-2019-20503
Product: Thunderbird
Impact: high
Fixed in: Thunderbird 68.6
Mozilla
Mozilla Foundation Security Advisory 2020-08: CVE-2019-20503
vendor_mozilla·CVSS 6.5
CVE-2019-20503 [MEDIUM] Mozilla Foundation Security Advisory 2020-08: CVE-2019-20503
Mozilla Foundation Security Advisory 2020-08
CVE: CVE-2019-20503
Product: Firefox
Impact: high
Fixed in: Firefox 74
Mozilla
Mozilla Foundation Security Advisory 2020-09: CVE-2019-20503
vendor_mozilla·CVSS 6.5
CVE-2019-20503 [MEDIUM] Mozilla Foundation Security Advisory 2020-09: CVE-2019-20503
Mozilla Foundation Security Advisory 2020-09
CVE: CVE-2019-20503
Product: Firefox ESR
Impact: high
Fixed in: Firefox ESR 68.6
GHSA
GHSA-48ww-7497-cmhw: usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init
ghsa_unreviewed·2022-05-24
CVE-2019-20503 [MEDIUM] CWE-125 GHSA-48ww-7497-cmhw: usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
OSV
thunderbird vulnerabilities
osv·2020-04-21·CVSS 8.8
CVE-2019-11757 [HIGH] thunderbird vulnerabilities
thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, bypass
same-origin restrictions, conduct cross-site scripting (XSS) attacks, or
execute arbitrary code. (CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,
CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,
CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010,
CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017,
CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503,
CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807,
CVE-2020
OSV
thunderbird vulnerabilities
osv·2020-04-13·CVSS 6.5
CVE-2020-6792 [MEDIUM] thunderbird vulnerabilities
thunderbird vulnerabilities
It was discovered that Message ID calculation was based on uninitialized
data. An attacker could potentially exploit this to obtain sensitive
information. (CVE-2020-6792)
Mutiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted message, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, or execute arbitrary code. (CVE-2020-6793, CVE-2020-6795,
CVE-2020-6822)
It was discovered that if a user saved passwords before Thunderbird 60
and then later set a master password, an unencrypted copy of these
passwords would still be accessible. A local user could exploit this to
obtain sensitive information. (CVE-2020-6794)
Multiple security issues were discovered i
OSV
firefox vulnerabilities
osv·2020-03-11·CVSS 6.5
CVE-2019-20503 [MEDIUM] firefox vulnerabilities
firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the URL or
other browser chrome, obtain sensitive information, bypass Content
Security Policy (CSP) protections, or execute arbitrary code.
(CVE-2019-20503, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807,
CVE-2020-6808, CVE-2020-6810, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814,
CVE-2020-6815)
It was discovered that Web Extensions with the all-url permission could
access local files. If a user were tricked in to installing a specially
crafted extension, an attacker could potentially exploit this to obtain
sensitive information. (CVE-2020-6809)
It was discovered that the
OSV
CVE-2019-20503: usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init
osv·2020-03-06·CVSS 6.5
CVE-2019-20503 [MEDIUM] CVE-2019-20503: usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
No detection rules found.
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.htmlhttp://seclists.org/fulldisclosure/2020/May/49http://seclists.org/fulldisclosure/2020/May/52http://seclists.org/fulldisclosure/2020/May/55http://seclists.org/fulldisclosure/2020/May/59https://access.redhat.com/errata/RHSA-2020:0815https://access.redhat.com/errata/RHSA-2020:0816https://access.redhat.com/errata/RHSA-2020:0819https://access.redhat.com/errata/RHSA-2020:0820https://bugs.chromium.org/p/project-zero/issues/detail?id=1992https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.htmlhttps://crbug.com/1059349https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467https://lists.debian.org/debian-lts-announce/2020/03/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2020/03/msg00023.htmlhttps://lists.debian.org/debian-lts-announce/2023/07/msg00003.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/https://security.gentoo.org/glsa/202003-02https://security.gentoo.org/glsa/202003-10https://support.apple.com/HT211168https://support.apple.com/HT211171https://support.apple.com/HT211175https://support.apple.com/HT211177https://support.apple.com/kb/HT211168https://support.apple.com/kb/HT211171https://support.apple.com/kb/HT211175https://support.apple.com/kb/HT211177https://usn.ubuntu.com/4299-1/https://usn.ubuntu.com/4328-1/https://usn.ubuntu.com/4335-1/https://www.debian.org/security/2020/dsa-4639https://www.debian.org/security/2020/dsa-4642https://www.debian.org/security/2020/dsa-4645http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.htmlhttp://seclists.org/fulldisclosure/2020/May/49http://seclists.org/fulldisclosure/2020/May/52http://seclists.org/fulldisclosure/2020/May/55http://seclists.org/fulldisclosure/2020/May/59https://access.redhat.com/errata/RHSA-2020:0815https://access.redhat.com/errata/RHSA-2020:0816https://access.redhat.com/errata/RHSA-2020:0819https://access.redhat.com/errata/RHSA-2020:0820https://bugs.chromium.org/p/project-zero/issues/detail?id=1992https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.htmlhttps://crbug.com/1059349https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467https://lists.debian.org/debian-lts-announce/2020/03/msg00013.htmlhttps://lists.debian.org/debian-lts-announce/2020/03/msg00023.htmlhttps://lists.debian.org/debian-lts-announce/2023/07/msg00003.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/https://security.gentoo.org/glsa/202003-02https://security.gentoo.org/glsa/202003-10https://support.apple.com/HT211168https://support.apple.com/HT211171https://support.apple.com/HT211175https://support.apple.com/HT211177https://support.apple.com/kb/HT211168https://support.apple.com/kb/HT211171https://support.apple.com/kb/HT211175https://support.apple.com/kb/HT211177https://usn.ubuntu.com/4299-1/https://usn.ubuntu.com/4328-1/https://usn.ubuntu.com/4335-1/https://www.debian.org/security/2020/dsa-4639https://www.debian.org/security/2020/dsa-4642https://www.debian.org/security/2020/dsa-4645
2020-03-06
Published