What is CVE-2020-8597?

CVE-2020-8597 is a vulnerability in N/a. Published 2020-02-03.

Is CVE-2020-8597 known to be exploited?

37 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

CVE-2020-8597

eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.

EPSS: 0.660 (98.5th percentile) — read the EPSS interpretation.

github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 (x_refsource_MISC)
[debian-lts-announce] 20200209 [SECURITY] [DLA 2097-1] ppp security update (mailing-list, x_refsource_MLIST)
DSA-4632 (vendor-advisory, x_refsource_DEBIAN)
RHSA-2020:0631 (vendor-advisory, x_refsource_REDHAT)
RHSA-2020:0634 (vendor-advisory, x_refsource_REDHAT)
RHSA-2020:0633 (vendor-advisory, x_refsource_REDHAT)
RHSA-2020:0630 (vendor-advisory, x_refsource_REDHAT)
openSUSE-SU-2020:0286 (vendor-advisory, x_refsource_SUSE)
USN-4288-1 (vendor-advisory, x_refsource_UBUNTU)
VU#782301 (third-party-advisory, x_refsource_CERT-VN)

What is CVE-2020-8597?: CVE-2020-8597 is a vulnerability in N/a. Published 2020-02-03.
Is CVE-2020-8597 known to be exploited?: 37 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.