Candidate: CVE-2020-14983
PublicDate: 2020-06-22 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14983
 https://github.com/chocolate-doom/chocolate-doom/issues/1293
Description:
 The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate
 the user-controlled num_players value, leading to a buffer overflow. A
 malicious user can overwrite the server's stack.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_chocolate-doom:
upstream_chocolate-doom: needs-triage
precise/esm_chocolate-doom: DNE
trusty_chocolate-doom: ignored (out of standard support)
trusty/esm_chocolate-doom: DNE
xenial_chocolate-doom: ignored (end of standard support, was needs-triage)
bionic_chocolate-doom: needs-triage
eoan_chocolate-doom: ignored (reached end-of-life)
focal_chocolate-doom: needs-triage
groovy_chocolate-doom: not-affected (3.0.1-1)
hirsute_chocolate-doom: not-affected (3.0.1-1)
impish_chocolate-doom: not-affected (3.0.1-1)
jammy_chocolate-doom: not-affected (3.0.1-1)
devel_chocolate-doom: not-affected (3.0.1-1)

Patches_crispy-doom:
upstream_crispy-doom: needs-triage
precise/esm_crispy-doom: DNE
trusty_crispy-doom: ignored (out of standard support)
trusty/esm_crispy-doom: DNE
xenial_crispy-doom: DNE
bionic_crispy-doom: DNE
eoan_crispy-doom: ignored (reached end-of-life)
focal_crispy-doom: needs-triage
groovy_crispy-doom: not-affected (5.9.0-1)
hirsute_crispy-doom: not-affected (5.9.0-1)
impish_crispy-doom: not-affected (5.9.0-1)
jammy_crispy-doom: not-affected (5.9.0-1)
devel_crispy-doom: not-affected (5.9.0-1)