Candidate: CVE-2019-20797
PublicDate: 2020-05-18 00:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20797
 https://logicaltrust.net/blog/2019/10/prboom1.html
 https://sourceforge.net/p/prboom-plus/bugs/252/
 https://sourceforge.net/p/prboom-plus/bugs/253/
Description:
 An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer
 overflow in client and server code responsible for handling received UDP
 packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_prboom-plus:
upstream_prboom-plus: needs-triage
precise/esm_prboom-plus: DNE
trusty_prboom-plus: ignored (out of standard support)
trusty/esm_prboom-plus: DNE
xenial_prboom-plus: ignored (end of standard support, was needs-triage)
bionic_prboom-plus: needs-triage
eoan_prboom-plus: ignored (reached end-of-life)
focal_prboom-plus: needs-triage
groovy_prboom-plus: not-affected (2:2.5.1.7um+git82-1)
hirsute_prboom-plus: not-affected (2:2.5.1.7um+git82-1)
impish_prboom-plus: not-affected (2:2.5.1.7um+git82-1)
jammy_prboom-plus: not-affected (2:2.5.1.7um+git82-1)
devel_prboom-plus: not-affected (2:2.5.1.7um+git82-1)