{"id":"CVE-2020-35680","details":"smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.","modified":"2026-04-11T13:53:09.265927Z","published":"2020-12-24T16:15:15.600Z","references":[{"type":"WEB","url":"https://www.mail-archive.com/misc%40opensmtpd.org/msg05188.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LKTFBQCHGMVPR4IZWHQIYAPM5J3LN3J/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TYAYXRV2DM5K4RU7RHCDZSA2UF6VCTRC/"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202105-12"},{"type":"ADVISORY","url":"https://poolp.org/posts/2020-12-24/december-2020-opensmtpd-6.8.0p1-released-fixed-several-bugs-proposed-several-diffs-book-is-on-github/"},{"type":"FIX","url":"https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openbsd/src","events":[{"introduced":"0"},{"fixed":"6c3220444ed06b5796dedfd53a0f4becd903c0d1"}]},{"type":"GIT","repo":"https://github.com/opensmtpd/opensmtpd","events":[{"introduced":"0"},{"last_affected":"b9e207ab4e42dff36a56e0b32d67f5c50e4f63fb"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.8.0-patch1\\-rc1"}]}}],"versions":["6.8.0p1-rc1","l","opensmtpd-20121030111957p1","opensmtpd-20121106111009p1","opensmtpd-20121107175757p1","opensmtpd-20121113231010p1","opensmtpd-201211152324p1","opensmtpd-201211232348p1","opensmtpd-201211261224p1","opensmtpd-201212031111p1","opensmtpd-201212081318p1","opensmtpd-201212222206p1","opensmtpd-201301031733p1","opensmtpd-201301111154p1","opensmtpd-201301191220p1","opensmtpd-201301241740p1","opensmtpd-201301252211p1","opensmtpd-201301281310p1","opensmtpd-201302051638p1","opensmtpd-201302141353p1","opensmtpd-201302152354p1","opensmtpd-201302212015p1","opensmtpd-201303011853p1","opensmtpd-201303201252p1","opensmtpd-201303211343p1","opensmtpd-201303221610p1","opensmtpd-201303311750p1","opensmtpd-201304041639p1","opensmtpd-201305171925p1","opensmtpd-201305171950p1","opensmtpd-201305241932p1","opensmtpd-201306071637p1","opensmtpd-201306211627p1","opensmtpd-201306271531p1","opensmtpd-201307091512p1","opensmtpd-201307121003p1","opensmtpd-201307151923p1","opensmtpd-201307191003p1","opensmtpd-201307191119p1","opensmtpd-201307221453p1","opensmtpd-201307290744p1","opensmtpd-201309091202p1","opensmtpd-201309121848p1","opensmtpd-201309121931p1","opensmtpd-201309201537p1","opensmtpd-201309241457p1","opensmtpd-201309241712p1","opensmtpd-201309241818p1","opensmtpd-201309251624p1","opensmtpd-201309261726p1","opensmtpd-201310081839p1","opensmtpd-201310101759p1","opensmtpd-201310231634p1","opensmtpd-201310241356p1","opensmtpd-201310251946p1","opensmtpd-201310281424p1","opensmtpd-201311071830p1","opensmtpd-201311181634p1","opensmtpd-201311182347p1","opensmtpd-201311201707p1","opensmtpd-201311261029p1","opensmtpd-201311270853p1","opensmtpd-201311281211p1","opensmtpd-201311292259p1","opensmtpd-201312021552p1","opensmtpd-201312021558p1","opensmtpd-201312081717p1","opensmtpd-201312131550p1","opensmtpd-201312142054p1","opensmtpd-201401061555p1","opensmtpd-201401201010p1","opensmtpd-201401201614p1","opensmtpd-201401202159p1","opensmtpd-201401231518p1","opensmtpd-201401241552p1","opensmtpd-201404151432p1","opensmtpd-201405071644p1","opensmtpd-201405121644p1","opensmtpd-201405121707p1","opensmtpd-201405142229p1","opensmtpd-201405142325p1","opensmtpd-201405202105p1","opensmtpd-201406061833p1","opensmtpd-201406170940p1","opensmtpd-201406190036p1","opensmtpd-201406192219p1","opensmtpd-201406192306p1","opensmtpd-201410012105p1","opensmtpd-201410040019p1","opensmtpd-201410131657p1","opensmtpd-201410152136p1","opensmtpd-201411042328p1","opensmtpd-201411052125p1","opensmtpd-201412241507p1","opensmtpd-201501060207p1","opensmtpd-201502012312p1","opensmtpd-201505091607p1","opensmtpd-201505121836p1","opensmtpd-201505241924p1","opensmtpd-201506020910p1","opensmtpd-201506112227p1","opensmtpd-201601051911p1","opensmtpd-201602031446p1","opensmtpd-201602120826p1","opensmtpd-201602131612p1","opensmtpd-201602131907p1","opensmtpd-201605221711p1","opensmtpd-201606062256p1","opensmtpd-201606062303p1","opensmtpd-201606071034p1","opensmtpd-201606152203p1","opensmtpd-201606220754p1","opensmtpd-201609141253p1","opensmtpd-201702130941p1","opensmtpd-201801101420p1","opensmtpd-5.0p1","opensmtpd-5.2.1p1","opensmtpd-5.3p1","opensmtpd-5.4.2p1","opensmtpd-5.9.1p1","opensmtpd-6.8.0p1-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35680.json","vanir_signatures_modified":"2026-04-11T13:53:09Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"6.8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.8.0-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]}],"vanir_signatures":[{"deprecated":false,"target":{"file":"usr.sbin/smtpd/lka_filter.c"},"id":"CVE-2020-35680-5a2407e5","source":"https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1","signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["146958479146620846539546414962359749417","331739472224798831840993251905507474107","91893901251692159920292890227734731430","279425024596136944150789901713018609996","302454195925576915379956718349724179184","102226086405913718666762852662536102668","156377891668464352413748805278213613186","294224973442606065565798747585475670296"]}},{"deprecated":false,"target":{"function":"filter_session_io","file":"usr.sbin/smtpd/lka_filter.c"},"id":"CVE-2020-35680-e9b83694","source":"https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1","signature_type":"Function","signature_version":"v1","digest":{"length":477,"function_hash":"139574854378595409949297631104406793897"}}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}