Launchpad CVE tracker

CVE 2020-12823

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

Related bugs and status

CVE-2020-12823 (Candidate) is related to these bugs:

Bug #1987569: Versions in Bionic and Focal are vulnerable to CVE-2020-12823

		In	Importance	Status
1987569	Versions in Bionic and Focal are vulnerable to CVE-2020-12823	openconnect (Ubuntu)	Medium	In Progress
1987569	Versions in Bionic and Focal are vulnerable to CVE-2020-12823	openconnect (Ubuntu Focal)	Medium	New
1987569	Versions in Bionic and Focal are vulnerable to CVE-2020-12823	openconnect (Ubuntu Bionic)	Medium	New

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.gentoo.or...
MISC: https://gitlab.com/ope...
MLIST: [debian-lts-announce] ...
FEDORA: FEDORA-2020-143735a624
FEDORA: FEDORA-2020-2af15c566e
FEDORA: FEDORA-2020-bc22f06aa3
GENTOO: GLSA-202006-15
SUSE: openSUSE-SU-2020:0997
SUSE: openSUSE-SU-2020:1027

Launchpad.net

CVE 2020-12823

Related bugs and status

Related bugs

References