What is CVE-2020-6016?

CVE-2020-6016 is a vulnerability in Game Networking Sockets, classified under CWE-590. Published 2020-11-18.

Is CVE-2020-6016 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Game Networking Sockets

CVE-2020-6016

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the h…

EPSS: 0.066 (91.4th percentile) — read the EPSS interpretation.

Affected products

N/a Game Networking Sockets — versions All versions prior to v1.2.0

Weakness classification (CWE)

CWE-590

Public proof-of-concept exploits

Live-Hack-CVE/CVE-2020-6016

References

github.com/ValveSoftware/GameNetworkingSockets/commit/e0c86dcb9139771db3db0cfdb… (x_refsource_MISC)
research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-so… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-6016?: CVE-2020-6016 is a vulnerability in Game Networking Sockets, classified under CWE-590. Published 2020-11-18.
Is CVE-2020-6016 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.