pppd(Point to Point Protocol Daemon) is a protocol used to establish a connection in dial-up modems, DSL connections, and other point-to-point links such as VPN devices. The pppd protocol can also be used for authentication purposes.
Security researcher Ilja Van Sprundel discovered the vulnerability with pppd versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow due to the flaw with Extensible Authentication Protocol (EAP) packet.
PPP Daemon Flaw
The vulnerability can be tracked as CVE-2020-8597, it receives CVSS Score 9.8, the vulnerability allows an unauthenticated remote attacker to execute arbitrary code and gain control over the entire system.
The vulnerability is due to the error invalidating the size of the input before copying the supplied data into the memory. As there is a problem with the validation size of the data is incorrect it may cause memory corruption that leads to the execution of unwanted code.
pppd protocols always run with high privileges, so by abusing it attackers can potentially execute arbitrary code with the system or root-level privileges.
Following Linux distribution has been confirmed this vulnerability that running with pppd (Point to Point Protocol Daemon) versions 2.4.2 through 2.4.8.
- Debian GNU/Linux
- Fedora Project
- Red Hat
- SUSE Linux
Also, the following vendors are issued an update about the remote pppD remote code execution vulnerability,
The vulnerability can be triggered by the attacker by sending an unsolicited EAP packet to a vulnerable ppp client or server, an unauthenticated remote attacker could cause memory corruption that leads to arbitrary code execution.
Users are recommended to update with the latest available patches to fix the vulnerability, there is no workaround for the vulnerability at the time of writing.