PublicDateAtUSN: 2020-06-29 20:15:00 UTC
Candidate: CVE-2020-4067
PublicDate: 2020-06-29 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4067
 https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm
 https://github.com/coturn/coturn/commit/170da1140797748ae85565b5a93a2e35e7b07b6a
 https://github.com/coturn/coturn/blob/aab60340b201d55c007bcdc853230f47aa2dfdf1/ChangeLog#L15
 https://github.com/coturn/coturn/issues/583
 https://www.debian.org/security/2020/dsa-4711
 https://ubuntu.com/security/notices/USN-4415-1
Description:
 In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN
 response buffer is not initialized properly. There is a leak of information
 between different client connections. One client (an attacker) could use
 their connection to intelligently query coturn to get interesting bytes in
 the padding bytes from the connection of another client. This has been
 fixed in 4.5.1.3.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH]


Patches_coturn:
upstream_coturn: released (4.5.1.3-1)
precise/esm_coturn: DNE
trusty_coturn: ignored (out of standard support)
trusty/esm_coturn: DNE
xenial_coturn: released (4.5.0.3-1ubuntu0.3)
bionic_coturn: released (4.5.0.7-1ubuntu2.18.04.2)
eoan_coturn: released (4.5.1.1-1.1ubuntu0.19.10.1)
focal_coturn: released (4.5.1.1-1.1ubuntu0.20.04.1)
devel_coturn: not-affected (4.5.1.3-1)