CVE-2020-27638

CVSS 7.5 HIGH

📋 TL;DR

This vulnerability in fastd (a VPN daemon) allows denial of service through an assertion failure when receiving packets with invalid type codes. A remote, unauthenticated attacker can crash a fastd instance with a single crafted UDP packet: the failed assert() aborts the whole process instead of the packet simply being discarded. All fastd versions before v21 are affected.

💻 Affected Systems

Products:
  • fastd
Versions: All versions before v21
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where fastd is running and receiving network traffic.

📦 What is this software?

fastd (Fast and Secure Tunnelling Daemon) is a lightweight UDP-based VPN daemon that tunnels traffic between many peers per instance. It is widely deployed on gateways and routers of community mesh networks such as Freifunk, where instances listen on the public internet by design and a crash takes every peer of that instance offline.
⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete and sustained loss of VPN connectivity for all traffic routed through fastd. Because one datagram is enough to trigger the crash, an attacker can keep resending it and hold the tunnel down through any number of automatic restarts.

🟠 Likely Case: Service crash requiring manual restart, causing temporary VPN connectivity loss.

🟢 If Mitigated: Minimal impact if fastd only accepts packets from trusted networks or is not internet-facing.

🌐 Internet-Facing: HIGH - Attackers can remotely trigger the crash without authentication.
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could still exploit it.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple packet crafting required. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v21

Vendor Advisory: https://fastd.readthedocs.io/en/stable/releases/v21.html

Restart Required: Yes

Instructions:

1. Stop the fastd service.
2. Update to fastd v21 or later via the package manager.
3. Restart the fastd service.

Every fastd endpoint needs the update, servers and clients alike: an unpatched peer remains crashable by anyone who can reach its port, regardless of what the other side runs.

🔧 Temporary Workarounds

Network filtering

linux

Allow packets to the fastd port only from trusted sources and drop everything else. In current iptables the negation goes before the option ("! -s", not "-s !"), and one rule can name only a single source network, so an ACCEPT per trusted network followed by a catch-all DROP is the cleaner form (repeat with ip6tables for IPv6 peers):

iptables -A INPUT -p udp --dport [fastd_port] -s [trusted_network] -j ACCEPT
iptables -A INPUT -p udp --dport [fastd_port] -j DROP

These rules must come before any broader ACCEPT rule in the chain. The workaround only helps where peer addresses are known and static; a node whose peers connect from arbitrary addresses (the typical community-mesh client) cannot be allowlisted this way and needs the update.
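The allowlist above, as an added example that is not part of fastd or of this advisory: a small POSIX shell script that generates one ACCEPT per trusted network plus the final DROP, validates its inputs before anything is handed to a shell, and can apply the rules at the top of the INPUT chain so they are not shadowed by an earlier broad ACCEPT. The port 10000 and the networks in the usage line are placeholders.

```shell
#!/bin/sh
# Added example, not from the fastd project: generate (and optionally apply)
# an allowlist for the fastd UDP port. Port and network values in the usage
# lines are placeholders; IPv4 only (use ip6tables for IPv6 peers).

# Print the rules: one ACCEPT per trusted network, then a DROP for everything
# else sent to the port. Only prints; nothing is applied.
fastd_filter_rules() {
    port="$1"
    shift
    case "$port" in
        ''|*[!0-9]*) echo "fastd_filter_rules: port must be numeric" >&2; return 1 ;;
    esac
    [ "$#" -gt 0 ] || { echo "fastd_filter_rules: give at least one trusted network" >&2; return 1; }
    # Validate every network first: the rules are later fed to a shell, so
    # anything that is not an IPv4 address or CIDR must never get that far.
    for net in "$@"; do
        case "$net" in
            ''|*[!0-9./]*) echo "fastd_filter_rules: bad network '$net'" >&2; return 1 ;;
        esac
    done
    for net in "$@"; do
        printf 'iptables -A INPUT -p udp --dport %s -s %s -j ACCEPT\n' "$port" "$net"
    done
    printf 'iptables -A INPUT -p udp --dport %s -j DROP\n' "$port"
}

# Apply the rules as root. They are inserted at the top of INPUT (-I INPUT 1)
# in reverse order, so they end up as ACCEPT..., DROP, ahead of any existing
# broad ACCEPT rule that would otherwise let the packets through first.
fastd_filter_apply() {
    rules=$(fastd_filter_rules "$@") || return 1
    printf '%s\n' "$rules" | sed 's/^iptables -A INPUT/iptables -I INPUT 1/' | sed -n '1!G;h;$p' | sh -e
}

# Dry run with placeholder values: print the rules for UDP port 10000.
fastd_filter_rules 10000 10.0.0.0/8 192.168.0.0/16
# To apply as root: fastd_filter_apply 10000 10.0.0.0/8 192.168.0.0/16
```

Run it once without applying and read the generated rules; the validation deliberately rejects hostnames, so resolve trusted peers to addresses first.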

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can send packets to fastd
  • Monitor fastd process health and implement automatic restart mechanisms
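The automatic-restart item above, as an added example that is not part of fastd or its packaging: a script that writes a systemd drop-in and a check for it. It assumes fastd runs as an instance unit fastd@<name>.service, the layout the Debian package uses; substitute your own unit name otherwise. The point of the check is the start-rate limit: with the default of five starts in ten seconds, a unit that is being crashed continuously stops being restarted within seconds, so Restart=on-failure alone is not enough.

```shell
#!/bin/sh
# Added example, not from fastd or its packaging: write and check a systemd
# drop-in that brings fastd back after a crash. Assumption: fastd runs as an
# instance unit fastd@<name>.service (Debian package layout); use your unit's
# own name otherwise. This is a stopgap, not a fix: every crash still drops
# the tunnel for a few seconds.

# Write override.conf into the given drop-in directory and print its path.
fastd_restart_dropin() {
    dir="$1"
    mkdir -p "$dir" || return 1
    cat > "$dir/override.conf" <<'EOF'
[Unit]
# systemd stops restarting a unit that fails more than 5 times in 10 s
# (the default start-rate limit). Under a sustained attack that limit is
# hit within seconds and the tunnel stays down, so disable it here.
StartLimitIntervalSec=0

[Service]
# on-failure covers the SIGABRT from a failed assert(); a clean stop is not restarted.
Restart=on-failure
RestartSec=2
EOF
    printf '%s\n' "$dir/override.conf"
}

# Check an override file: exit 0 only if it both restarts on failure
# (Restart=on-failure or always) and disables the start-rate limit.
fastd_dropin_check() {
    f="$1"
    grep -Eq '^Restart=(on-failure|always)$' "$f" || return 1
    grep -Eq '^StartLimitIntervalSec=0$' "$f" || return 1
}

# Usage as root, then reload and verify:
#   fastd_restart_dropin /etc/systemd/system/fastd@gw1.service.d
#   systemctl daemon-reload
#   systemctl show fastd@gw1.service -p Restart -p RestartUSec
```

Pair this with the crash monitoring from the detection section: a restart loop hides the outage from casual checks but not from the journal.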

🔍 How to Verify

Check if Vulnerable:

Check fastd version with 'fastd --version' and verify it's older than v21

Check Version:

fastd --version

Verify Fix Applied:

Confirm version is v21 or newer with 'fastd --version'
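The version check above, as an added example that is not part of the fastd project: a script that parses the output of fastd --version and reports whether the build predates v21. It assumes that output has the form "fastd v20" (release builds print the tag; a suffix such as "+git..." after the number is tolerated).

```shell
#!/bin/sh
# Added example, not part of the fastd project: decide from the text that
# `fastd --version` prints whether the installed build predates v21.
# Assumption: the output has the form "fastd v20" (release builds print the
# tag; a suffix such as "+git..." after the number is tolerated).

# Print the numeric release from a version string, or nothing if no "vNN" is present.
fastd_release_number() {
    printf '%s\n' "$1" | head -n 1 | sed -n 's/.*v\([0-9][0-9]*\).*/\1/p'
}

# Exit status: 0 = affected (older than v21), 1 = fixed, 2 = could not parse.
fastd_vulnerable_version() {
    n=$(fastd_release_number "$1")
    [ -n "$n" ] || return 2
    [ "$n" -lt 21 ]
}

# Run the check against the binary on PATH and print a verdict.
fastd_check_installed() {
    command -v fastd >/dev/null 2>&1 || { echo "fastd is not installed (or not on PATH)"; return 2; }
    v=$(fastd --version 2>&1)
    fastd_vulnerable_version "$v"
    case $? in
        0) echo "VULNERABLE: '$v' is older than v21 (CVE-2020-27638)"; return 0 ;;
        1) echo "not affected: '$v'"; return 1 ;;
        *) echo "could not parse version output: '$v'"; return 2 ;;
    esac
}

fastd_check_installed || :
```

Note that this checks the binary on PATH, not the running process: after updating, confirm the service was actually restarted, or the old code keeps running.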

📡 Detection & Monitoring

Log Indicators:

  • fastd exiting unexpectedly and being restarted: a failed assert() aborts the process with SIGABRT, which systemd reports as the unit's main process exiting with status=6/ABRT
  • glibc assertion failure messages ("Assertion ... failed") on fastd's stderr, which the journal captures when fastd runs under systemd

Network Indicators:

  • Unexpected packets to fastd port with invalid type codes

SIEM Query:

process:fastd AND (event:crash OR log_message:"assertion failure")
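The log indicators above turned into something runnable, as an added example that is neither the page's SIEM query nor fastd code: a shell filter over journal text. The sample journal is constructed for illustration; the only real formats it relies on are glibc's "Assertion ... failed" message and systemd's "Main process exited, code=dumped, status=6/ABRT" line, which is how a service that died of SIGABRT shows up in the journal. The unit name fastd@gw1.service is an assumption.

```shell
#!/bin/sh
# Added example, not from the page's SIEM: pull fastd crash evidence out of
# journal text. The sample below is constructed; the only real formats it relies
# on are glibc's "Assertion ... failed" message and systemd's
# "Main process exited, code=dumped, status=6/ABRT" line, which is how a
# service that died of SIGABRT (what assert() raises) shows up in the journal.

# Constructed sample journal: one crash, one scheduled restart, some noise.
sample_journal() {
    cat <<'EOF'
Oct 12 10:00:01 gw1 fastd[812]: connection with <peer1> established.
Oct 12 10:00:07 gw1 fastd[812]: fastd: <file>:<line>: <function>: Assertion `<condition>' failed.
Oct 12 10:00:07 gw1 systemd[1]: fastd@gw1.service: Main process exited, code=dumped, status=6/ABRT
Oct 12 10:00:07 gw1 systemd[1]: fastd@gw1.service: Failed with result 'core-dump'.
Oct 12 10:00:09 gw1 systemd[1]: fastd@gw1.service: Scheduled restart job, restart counter is at 1.
Oct 12 10:00:09 gw1 sshd[900]: Accepted publickey for admin from 10.0.0.5 port 51022
Oct 12 10:30:00 gw1 systemd[1]: fastd@gw1.service: Main process exited, code=exited, status=0/SUCCESS
EOF
}

# Print lines that point at an assertion abort: the message itself, or
# systemd reporting a fastd unit dying with SIGABRT.
fastd_crash_lines() {
    grep -E 'fastd.*Assertion .* failed|fastd[^ ]*\.service: Main process exited, code=(dumped|killed), status=6/ABRT'
}

# Count crashes (one per SIGABRT exit reported by systemd) on stdin; prints the number.
fastd_abort_count() {
    grep -Ec 'fastd[^ ]*\.service: Main process exited, code=(dumped|killed), status=6/ABRT' || true
}

# Live use: journalctl -u 'fastd@*' --since today | fastd_crash_lines
sample_journal | fastd_crash_lines
printf 'crashes: %s\n' "$(sample_journal | fastd_abort_count)"
```

A clean stop (status=0/SUCCESS) is deliberately not counted; what matters for this CVE is repeated SIGABRT exits, which with Restart=on-failure in place show up as a climbing restart counter rather than as an outage.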
