CVE-2020-4067

HIGH

coturn < 4.5.1.3 - Information Disclosure via Uninitialized STUN/TURN Response Buffer

Title source: llm
STIX 2.1

Description

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.

References (9)

Core 9
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/coturn/coturn/issues/583
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2020/dsa-4711
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/07/msg00002.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00010.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4415-1/

Scores

CVSS v3 7.0
EPSS 0.0185
EPSS Percentile 76.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Details

CWE
CWE-665
Status published
Products (11)
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 19.10
canonical/ubuntu_linux 20.04
coturn_project/coturn < 4.5.1.3
debian/debian_linux 8.0
debian/debian_linux 9.0
debian/debian_linux 10.0
fedoraproject/fedora 31
fedoraproject/fedora 32
... and 1 more
Published Jun 29, 2020
Tracked Since Feb 18, 2026