CVE-2020-6831 — Out-of-bounds Write in Mozilla Firefox

CWE-787 — Out-of-bounds Write CWE-120 — Classic Buffer Overflow19 documents11 sources

Severity

9.8CRITICALNVD

OSV8.1

EPSS

6.3%

top 9.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird +4 more

Timeline

PublishedMay 26

Latest updateMay 24

Description

A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages11 packages

▶CVEListV5mozilla/firefoxunspecified — 76

▶NVDmozilla/firefox< 76.0

▶CVEListV5mozilla/firefox_esrunspecified — 68.8

▶NVDmozilla/firefox_esr< 68.8.0

▶Ubuntumozilla/firefox< 76.0.1+build1-0ubuntu0.16.04.1+5

Also affects: Debian Linux 10.0, 9.0, Ubuntu Linux 16.04, 18.04, 19.10, 20.04

Patches

Patch: security.gentoo.org ↗Patch: security.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-5x26-44w7-97vc: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC↗2022-05-24

▶

Project0

Exploiting Android Messengers with WebRTC: Part 2 - Project Zero↗2020-08-01

▶

OSV

thunderbird vulnerabilities↗2020-05-26

▶

OSV

CVE-2020-6831: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC↗2020-05-26

▶

CVEList

CVE-2020-6831: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC↗2020-05-26

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2020-05-26

▶

Ubuntu

Firefox regression↗2020-05-12

▶

Ubuntu

Firefox vulnerabilities↗2020-05-07

▶

Chrome

Stable Channel Update for Desktop: CVE-2020-6831↗2020-05-05

▶

Red Hat

usrsctp: Buffer overflow in AUTH chunk input validation↗2020-05-05

▶

💬Community

Bugzilla

CVE-2020-6831 usrsctp: Buffer overflow in AUTH chunk input validation↗2020-05-05

▶

Bugzilla

Buffer overflow in sctp chunk input validation↗2020-04-22

▶