CVE-2017-10984

Priority
Description
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow
in data2vp_wimax()" - this allows remote attackers to cause a denial of
service (daemon crash) or possibly execute arbitrary code.
Assigned-to
mdeslaur
Notes
mdeslauronly 3.x
Package
Upstream:released (3.0.15+dfsg-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [only 3.x])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (only 3.x)
Patches:
Upstream:https://github.com/FreeRADIUS/freeradius-server/commit/931850e5d2f65193520c2d9c9878148c0cdc16a6
Upstream:https://github.com/FreeRADIUS/freeradius-server/commit/4b059296e14b6ab75dc17163077490528a819806
More Information

Updated: 2020-01-29 19:57:43 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)