CVE-2020-26164 — Vulnetix

CVE-2020-26164 PUBLISHED

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

EPSS 0.10% · 27.0th percentile

Risk Scores

EPSS Score

0.10%

27.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:22.04:LTS	kdeconnect	21.11.90-0ubuntu2, 21.11.90-0ubuntu1, 21.08.1-0ubuntu1
Ubuntu:25.10	kdeconnect	25.07.80-0ubuntu1, 25.08.0-0ubuntu1, 25.07.90-0ubuntu1
Ubuntu:18.04:LTS	kdeconnect	1.0.3-0ubuntu2, 1.2.1-0ubuntu1, 1.3.0-0ubuntu1
Ubuntu:24.04:LTS	kdeconnect	23.08.1-0ubuntu1, 0, 23.08.5-0ubuntu5
Ubuntu:16.04:LTS	kdeconnect	0.8-0ubuntu5, 0
Ubuntu:20.04:LTS	kdeconnect	1.3.5-0ubuntu1, 0, 1.4-0ubuntu1

Timeline

Oct 7, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Oct 25, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 2, 2022 EPSS Score
Sep 4, 2022 EPSS Score

References

https://ubuntu.com/security/CVE-2020-26164 third-party-advisory
https://kde.org/info/security/advisory-20201002-1.txt third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/f183b5447bad47655c21af87214579f03bf3a163 third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/b279c52101d3f7cc30a26086d58de0b5f1c547fa third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/d35b88c1b25fe13715f9170f18674d476ca9acdc third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/b496e66899e5bc9547b6537a7f44ab44dd0aaf38 third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/5310eae85dbdf92fba30375238a2481f2e34943e third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/721ba9faafb79aac73973410ee1dd3624ded97a5 third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/ae58b9dec49c809b85b5404cee17946116f8a706 third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/66c768aa9e7fba30b119c8b801efd49ed1270b0a third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/85b691e40f525e22ca5cc4ebe79c361d71d7dc05 third-party-advisory
https://invent.kde.org/network/kdeconnect-kde/-/commit/48180b46552d40729a36b7431e97bbe2b5379306 third-party-advisory
https://bugzilla.suse.com/show_bug.cgi?id=1176268 third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/024e5f23db8d8ad3449714b906b46094baaffb89 third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/4fbd01a3d44a0bcca888c49a77ec7cfd10e113d7 third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/542d94a70c56aa386c8d4d793481ce181b0422e8 third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/613899be24b6e2a6b3e5cc719efce8ae8a122991 third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/8112729eb0f13e6947984416118531078e65580d third-party-advisory
https://github.com/KDE/kdeconnect-kde/commit/ce0f00fc2d3eccb51d0af4eba61a4f60de086a59 third-party-advisory
https://github.com/KDE/kdeconnect-kde/releases third-party-advisory

…and 3 more

Open in Interactive Console →