A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.
References
Link | Resource |
---|---|
https://freeradius.org/security/ | Patch Vendor Advisory |
https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e | Patch Third Party Advisory |
Configurations
History
10 Jul 2023, 17:46
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-20 |
24 Jan 2023, 19:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:* | |
References | (MISC) https://freeradius.org/security/ - Patch, Vendor Advisory | |
References | (MISC) https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e - Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
First Time |
Freeradius
Freeradius freeradius |
17 Jan 2023, 18:55
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-17 18:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-41861
Mitre link : CVE-2022-41861
CVE.ORG link : CVE-2022-41861
JSON object : View
Products Affected
freeradius
- freeradius