CVE-2020-4067

HIGH

coturn <4.5.1.3 - Info Disclosure

Title source: llm

Description

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.

References (9)

[Third Party Advisory] https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm

[Issue Tracking, Third Party Advisory] https://github.com/coturn/coturn/issues/583

[Release Notes] https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15

View Writeup ZIP pw:eip

[Third Party Advisory] https://www.debian.org/security/2020/dsa-4711

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html

[Third Party Advisory] https://usn.ubuntu.com/4415-1/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNJJO77ZLGGFJWNUGP6VDG5HPAC5UDBK/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5G35UBNSRLL6SYRTODYTMBJ65TLQILUM/

Scores

CVSS v3 7.0

EPSS 0.0110

EPSS Percentile 78.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Details

CWE

CWE-665

Status published

Products (11)

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 19.10

canonical/ubuntu_linux 20.04

coturn_project/coturn < 4.5.1.3

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

fedoraproject/fedora 31

fedoraproject/fedora 32

... and 1 more

Published Jun 29, 2020

Tracked Since Feb 18, 2026