CVE-2020-28723

7.5 HIGH

📋 TL;DR

CVE-2020-28723 is a memory leak vulnerability in the IPv6Param::setAddress function of CloudAvid PParam library version 1.3.1. This vulnerability allows attackers to cause denial of service through resource exhaustion by repeatedly triggering the memory leak. Systems using the vulnerable PParam library for IPv6 address handling are affected.
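As an added illustration of the bug class named above (this is constructed example code, not PParam's own implementation, whose internals the page does not show): a hypothetical IPv6 address setter that leaks one heap buffer per successful call, beside a version that owns the buffer through `std::unique_ptr`, with a live-buffer counter so the leak can be measured instead of guessed. `LeakyIPv6Param`, `FixedIPv6Param`, `leakedAfter` and the tracking helpers are all assumed names.

```cpp
#include <arpa/inet.h>
#include <cstddef>
#include <memory>
#include <string>

// Count of 16-byte address buffers currently alive; a leaking setter makes it grow.
static std::size_t g_liveBuffers = 0;
static unsigned char* allocAddrBuffer() { ++g_liveBuffers; return new unsigned char[16]; }
static void freeAddrBuffer(unsigned char* p) { if (p) { delete[] p; --g_liveBuffers; } }
struct TrackedDeleter { void operator()(unsigned char* p) const { freeAddrBuffer(p); } };

// Parse textual IPv6 into 16 bytes; false on malformed input (inet_pton validates it).
static bool parseIPv6(const std::string& text, unsigned char* out) {
    return inet_pton(AF_INET6, text.c_str(), out) == 1;
}

// Leaky pattern (hypothetical, not PParam's code): each call allocates a new buffer and drops the old pointer.
class LeakyIPv6Param {
public:
    bool setAddress(const std::string& text) {
        unsigned char* fresh = allocAddrBuffer();
        if (!parseIPv6(text, fresh)) { freeAddrBuffer(fresh); return false; }
        addr_ = fresh;  // previous buffer is now unreachable: one leak per call
        return true;
    }
    ~LeakyIPv6Param() { freeAddrBuffer(addr_); }  // only the last buffer is released
private:
    unsigned char* addr_ = nullptr;
};

// Fixed pattern: unique_ptr owns the buffer from allocation, so failure or reassignment always frees it.
class FixedIPv6Param {
public:
    bool setAddress(const std::string& text) {
        std::unique_ptr<unsigned char[], TrackedDeleter> fresh(allocAddrBuffer());
        if (!parseIPv6(text, fresh.get())) return false;  // fresh frees itself on return
        addr_ = std::move(fresh);  // move-assignment deletes the previous buffer
        return true;
    }
private:
    std::unique_ptr<unsigned char[], TrackedDeleter> addr_;
};

// Call setAddress n times on a fresh object, destroy it, and report buffers still alive.
template <typename Param> std::size_t leakedAfter(std::size_t n, const char* text) {
    g_liveBuffers = 0;
    { Param p; for (std::size_t i = 0; i < n; ++i) p.setAddress(text); }
    return g_liveBuffers;
}
```

Calling `leakedAfter<LeakyIPv6Param>(1000, "2001:db8::1")` reports 999 buffers still alive after the object is gone, while the fixed class reports 0 for the same input; a limit set with `ulimit -v` or a cgroup turns the unbounded growth into a bounded crash of that one process rather than host-wide exhaustion.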

💻 Affected Systems

Products:
  • CloudAvid PParam library
Versions: 1.3.1
Operating Systems: All platforms using the vulnerable library
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications that use the IPv6Param::setAddress function from the PParam library.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system unavailability due to memory exhaustion, potentially leading to service disruption and requiring a system restart.

🟠 Likely Case: Degraded performance and eventual service interruption as available memory is gradually consumed.

🟢 If Mitigated: Limited impact with proper memory monitoring and restart policies in place.

🌐 Internet-Facing: MEDIUM - Requires specific IPv6 parameter manipulation but could be triggered remotely.
🏢 Internal Only: MEDIUM - Internal applications using the library could be exploited by authenticated users.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires ability to call the vulnerable function with crafted input. Fuzzing tools and proof-of-concept code are publicly available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3.2 or later

Vendor Advisory: https://github.com/CloudAvid/PParam/issues/9

Restart Required: Yes

Instructions:

1. Update the PParam library to version 1.3.2 or later.
2. Recompile any applications using the library.
3. Restart affected services.

🔧 Temporary Workarounds

Disable IPv6 functionality (platform: all)

If IPv6 functionality is not required, disable or remove IPv6 parameter handling in affected applications.

Implement memory usage limits (platform: linux)

Set memory limits on processes using the vulnerable library to prevent complete system exhaustion:

ulimit -v [memory_limit_in_kb]

Note that ulimit -v caps the virtual address space only of processes started from the shell in which it is set, so place it in the service's startup script; for services managed by systemd, a MemoryMax= setting in the unit file (or an equivalent cgroup limit) gives the same containment.

🧯 If You Can't Patch

  • Implement strict input validation for IPv6 address parameters
  • Deploy memory monitoring with automated alerts for abnormal consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check if applications link against PParam library version 1.3.1 using ldd (Linux) or dependency walker tools.

Check Version:

strings /path/to/libpparam.so | grep 'PParam version'

Verify Fix Applied:

Verify PParam library version is 1.3.2 or later and test IPv6 parameter handling functions.

📡 Detection & Monitoring

Log Indicators:

  • Abnormal memory consumption patterns
  • Process crashes with out-of-memory errors
  • Repeated calls to IPv6 parameter functions

Network Indicators:

  • Unusual volume of IPv6 parameter manipulation requests
  • Traffic patterns targeting specific IPv6 handling endpoints

SIEM Query:

source="system_logs" ("out of memory" OR "memory allocation failed") AND process="*pparam*"
