CVE-2020-27638
- Source
- https://cve.org/CVERecord?id=CVE-2020-27638
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27638.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-27638
- Downstream
- Published
- 2020-10-22T13:15:15.613Z
- Modified
- 2026-04-11T11:23:31.673484Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2LNSF2LI4RQ7BVGHTJQUJWP7RVGHDTK/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GUZ3AGTAXH7OOP45F5WXBVRQ3IDWUR7M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSMH65GHKHMJAK2VMPROIPIUS4IA63CW/
- https://lists.debian.org/debian-lts-announce/2020/10/msg00025.html
- https://fastd.readthedocs.io/en/stable/releases/v21.html
- https://bugs.debian.org/972521
- https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea
Affected packages
Git / github.com/neocturne/fastd
Affected ranges
- Type
- GIT
- Repo
- https://github.com/neocturne/fastd
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.1
v0.1-rc1
v0.1-rc2
v0.1-rc3
v0.1-rc4
v0.2
v0.3
v0.4
v0.4-rc1
v0.4-rc10
v0.4-rc11
v0.4-rc12
v0.4-rc13
v0.4-rc2
v0.4-rc3
v0.4-rc4
v0.4-rc5
v0.4-rc6
v0.4-rc7
v0.4-rc8
v0.4-rc9
v0.5
v0.5-rc1
v0.5-rc2
v0.5-rc3
v0.5-rc4
Other
v10
v11
v12
v13
v14
v15
v16
v17
v18
v19
v20
v6
v6-rc1
v7
v8
v9
Database specific
vanir_signatures_modified
"2026-04-11T11:23:31Z"
vanir_signatures
[
{
"id": "CVE-2020-27638-479d7b31",
"signature_version": "v1",
"digest": {
"function_hash": "176340725060813004210905118311611276175",
"length": 694.0
},
"source": "https://github.com/neocturne/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea",
"deprecated": false,
"target": {
"function": "handle_socket_receive_known",
"file": "src/receive.c"
},
"signature_type": "Function"
},
{
"id": "CVE-2020-27638-b0830e65",
"signature_version": "v1",
"digest": {
"function_hash": "279097731734714311607881590027641747637",
"length": 476.0
},
"source": "https://github.com/neocturne/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea",
"deprecated": false,
"target": {
"function": "handle_socket_receive_unknown",
"file": "src/receive.c"
},
"signature_type": "Function"
},
{
"id": "CVE-2020-27638-cf9ffff7",
"signature_version": "v1",
"digest": {
"line_hashes": [
"218993648070656331698192938340773989964",
"204748408106242575614860218896531178762",
"139337633164185874394351173136018775119",
"211707679463638823627401166846990478979",
"288152887943536033044038232302204222846",
"100029604037219442177910336290054639548",
"264322882793426461474977070951987059818",
"151738650662340874906420184695183817751"
],
"threshold": 0.9
},
"source": "https://github.com/neocturne/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea",
"deprecated": false,
"target": {
"file": "src/receive.c"
},
"signature_type": "Line"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27638.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "32"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "33"
}
]
}
]