CVE-2020-15704Sensitive Information Exposure in PPP

CWE-200Sensitive Information ExposureCWE-20Improper Input ValidationCWE-552Files or Directories Accessible to External Parties9 documents7 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 83.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Canonical PPPSamba PPPDebian PPP
Timeline
PublishedSep 1
Latest updateMay 24

Description

The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBE_OPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2, 2.4.7-1+2ubuntu1.16.04.3, 2.4.7-2+2ubuntu1.3, 2.4.7-2+4.1ubuntu5.1, 2.4.7-2+4.1ubuntu6. Was ZDI-CAN-11504.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

debiandebian/ppp
CVEListV5canonical/ppp2.4.52.4.5-5ubuntu1.4+1
NVDcanonical/ppp< 2.4.7-1\+ubuntu1.16.04.3+4
Ubuntusamba/ppp< 2.4.7-1+2ubuntu1.16.04.3+3

🔴Vulnerability Details

2
GHSA
GHSA-2q4h-xfv6-4848: The modprobe child process in the2022-05-24
OSV
CVE-2020-15704: The modprobe child process in the2020-08-04

📋Vendor Advisories

4
Ubuntu
ppp vulnerability2020-08-06
Red Hat
ppp: Privilege escalation through loading of arbitrary kernel modules and other programs2020-08-05
Ubuntu
ppp vulnerability2020-08-04
Debian
CVE-2020-15704: ppp - The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed pa...2020

💬Community

2
Bugzilla
CVE-2020-15704 ppp: Privilege escalation through loading of arbitrary kernel modules and other programs [fedora-all]2020-08-05
Bugzilla
CVE-2020-15704 ppp: Privilege escalation through loading of arbitrary kernel modules and other programs2020-08-05