Debian Lwip vulnerabilities
3 known vulnerabilities affecting debian/lwip.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2020-8597CRITICALCVSS 9.8fixed in lwip 2.1.2+dfsg1-5 (bookworm)2020
CVE-2020-8597 [CRITICAL] CVE-2020-8597: lwip - eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the...
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Scope: local
bookworm: resolved (fixed in 2.1.2+dfsg1-5)
bullseye: resolved (fixed in 2.1.2+dfsg1-5)
forky: resolved (fixed in 2.1.2+dfsg1-5)
sid: resolved (fixed in 2.1.2+dfsg1-5)
trixie: resolved (fixed in 2.1.2+dfsg1-5)
debian
CVE-2020-22283HIGHCVSS 7.5fixed in lwip 2.1.3+dfsg1-1 (bookworm)2020
CVE-2020-22283 [HIGH] CVE-2020-22283: lwip - A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif(...
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
Scope: local
bookworm: resolved (fixed in 2.1.3+dfsg1-1)
bullseye: resolved (fixed in 2.1.2+dfsg1-8+deb11u1)
forky: resolved (fixed in 2.1.3+dfsg1-1)
si
debian
CVE-2020-22284HIGHCVSS 7.5fixed in lwip 2.1.3+dfsg1-1 (bookworm)2020
CVE-2020-22284 [HIGH] CVE-2020-22284: lwip - A buffer overflow vulnerability in the zepif_linkoutput() function of Free Softw...
A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.
Scope: local
bookworm: resolved (fixed in 2.1.3+dfsg1-1)
bullseye: resolved (fixed in 2.1.2+dfsg1-8+deb11u1)
forky: resolved (fixed in 2.1.3+dfsg1-1)
sid: re
debian