CVE-2019-20503
Medium
Low
Medium
High
Critical
6.5
CVSS Score
Vulnerability Description
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
R
Scope
U
Confidentiality
N
Integrity
N
Availability
H
Known Affected Software
6 configuration(s) from 2 vendor(s)
ubuntu_linux
Version:
16.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*
ubuntu_linux
Version:
18.04
CPE:
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
ubuntu_linux
Version:
19.10
CPE:
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
debian_linux
Version:
8.0
CPE:
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debian_linux
Version:
10.0
CPE:
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
debian_linux
Version:
9.0
CPE:
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
This vulnerability affects 6 software configuration(s). Ensure you patch all affected systems.
Microsoft
2024-Jun-CVE-2019-20503
CVE-2019-20503: None
Severity
Unknown
Released
Oct 22, 2025
Security Update
References & Resources
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00022.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00030.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/49cve@mitre.org Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/52cve@mitre.org Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/55cve@mitre.org Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/59cve@mitre.org Mailing List Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0815cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0816cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0819cve@mitre.org Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0820cve@mitre.org Third Party Advisory
-
https://bugs.chromium.org/p/project-zero/issues/detail?id=1992cve@mitre.org Exploit Patch Vendor Advisory
-
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.htmlcve@mitre.org Third Party Advisory
-
https://crbug.com/1059349cve@mitre.org Third Party Advisory
-
https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467cve@mitre.org Patch Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/03/msg00013.htmlcve@mitre.org Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/03/msg00023.htmlcve@mitre.org Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/07/msg00003.htmlcve@mitre.org Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/cve@mitre.org Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/cve@mitre.org Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/cve@mitre.org Mailing List Third Party Advisory
-
https://security.gentoo.org/glsa/202003-02cve@mitre.org Third Party Advisory
-
https://security.gentoo.org/glsa/202003-10cve@mitre.org Third Party Advisory
-
https://support.apple.com/HT211168cve@mitre.org Third Party Advisory
-
https://support.apple.com/HT211171cve@mitre.org Third Party Advisory
-
https://support.apple.com/HT211175cve@mitre.org Third Party Advisory
-
https://support.apple.com/HT211177cve@mitre.org Third Party Advisory
-
https://support.apple.com/kb/HT211168cve@mitre.org Third Party Advisory
-
https://support.apple.com/kb/HT211171cve@mitre.org Third Party Advisory
-
https://support.apple.com/kb/HT211175cve@mitre.org Third Party Advisory
-
https://support.apple.com/kb/HT211177cve@mitre.org Third Party Advisory
-
https://usn.ubuntu.com/4299-1/cve@mitre.org Third Party Advisory
-
https://usn.ubuntu.com/4328-1/cve@mitre.org Third Party Advisory
-
https://usn.ubuntu.com/4335-1/cve@mitre.org Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4639cve@mitre.org Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4642cve@mitre.org Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4645cve@mitre.org Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00022.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00028.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00030.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00037.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/49af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/52af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/55af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://seclists.org/fulldisclosure/2020/May/59af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0815af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0816af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0819af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0820af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://bugs.chromium.org/p/project-zero/issues/detail?id=1992af854a3a-2127-422b-91ae-364da2661108 Exploit Patch Vendor Advisory
-
https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_18.htmlaf854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://crbug.com/1059349af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467af854a3a-2127-422b-91ae-364da2661108 Patch Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/03/msg00013.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/03/msg00023.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/07/msg00003.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DDNOAGIX5D77TTHT6YPMVJ5WTXTCQEI/af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IOHSO6BUKC6I66J5PZOMAGFVJ66ZS57/af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWANFIR3PYAL5RJQ4AO3ZS2DYMSF2ZGZ/af854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
https://security.gentoo.org/glsa/202003-02af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://security.gentoo.org/glsa/202003-10af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/HT211168af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/HT211171af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/HT211175af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/HT211177af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/kb/HT211168af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/kb/HT211171af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/kb/HT211175af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://support.apple.com/kb/HT211177af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://usn.ubuntu.com/4299-1/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://usn.ubuntu.com/4328-1/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://usn.ubuntu.com/4335-1/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4639af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4642af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4645af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
Severity Details
6.5
out of 10.0
Medium
Weakness Type (CWE)
CWE-125
Top 25 #11
Out-of-bounds Read
- Description
- The product reads data past the end, or before the beginning, of the intended buffer.
- Typical Severity
- High
- Abstraction Level
- Base
Key Information
- Published Date
- March 06, 2020
