CVE-2020-11068
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-11068
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11068.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-11068
- Related
- Published
- 2020-06-23T17:15:11.500Z
- Modified
- 2025-11-20T11:08:17.545004Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.
- References
Affected packages
Git / github.com/lora-net/loramac-node
Affected ranges
- Type
- GIT
- Repo
- https://github.com/lora-net/loramac-node
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
4.*
4.4.2-rc.4
V3.*
V3.4
v2.*
v2.0
v2.1
v2.2
v2.3.RC1
v2.3.RC2
v3.*
v3.0
v3.1
v3.2
v3.3
v3.4.1
v4.*
v4.0.0
v4.1.0
v4.2.0
v4.3.0
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.4.2-rc.1
v4.4.2-rc.2
v4.4.2-rc.3
v4.4.2-rc.5
v4.4.2-rc.6
v4.4.2-rc.7
v4.4.3
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-06e3ddf5",
"deprecated": false,
"target": {
"file": "src/mac/LoRaMac.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"217943513229331974053177570341904374095",
"158229748252261799029226800678054978975",
"257417098436523763359627050287874618484",
"25502565422967047204298405231183211323",
"65784995682968914060774190354734000253",
"227905730767439064633267358346307995013",
"10271869559989751747744332288236947360",
"92088805706696705966372640674638221742"
]
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-11dd77fd",
"deprecated": false,
"target": {
"file": "src/peripherals/atecc608a-tnglora-se/atecc608a-tnglora-se.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"187279422351008881163045226212769455854",
"334431603000567321990112645809611874811",
"149712001136221002528868900505496561655"
]
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-681c59fd",
"deprecated": false,
"target": {
"file": "src/mac/LoRaMac.c",
"function": "ProcessRadioRxDone"
},
"digest": {
"function_hash": "77552535904026823327571985916187162076",
"length": 9734.0
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-6aa9e653",
"deprecated": false,
"target": {
"file": "src/peripherals/lr1110-se/lr1110-se.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"187279422351008881163045226212769455854",
"334431603000567321990112645809611874811",
"149712001136221002528868900505496561655"
]
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-988d2ca2",
"deprecated": false,
"target": {
"file": "src/peripherals/soft-se/soft-se.c",
"function": "SecureElementProcessJoinAccept"
},
"digest": {
"function_hash": "104639005086380311500882123505189001892",
"length": 1954.0
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-9b512c72",
"deprecated": false,
"target": {
"file": "src/peripherals/lr1110-se/lr1110-se.c",
"function": "SecureElementProcessJoinAccept"
},
"digest": {
"function_hash": "2985876363264467897231117159574642002",
"length": 1324.0
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-b1007c0a",
"deprecated": false,
"target": {
"file": "src/peripherals/soft-se/soft-se.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"187279422351008881163045226212769455854",
"334431603000567321990112645809611874811",
"149712001136221002528868900505496561655"
]
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"source": "https://github.com/lora-net/loramac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4",
"id": "CVE-2020-11068-df0f7ad0",
"deprecated": false,
"target": {
"file": "src/peripherals/atecc608a-tnglora-se/atecc608a-tnglora-se.c",
"function": "SecureElementProcessJoinAccept"
},
"digest": {
"function_hash": "104639005086380311500882123505189001892",
"length": 1954.0
},
"signature_version": "v1"
}
]