CVE-2017-10984

Priority
Medium
Description
An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow
in data2vp_wimax()" - this allows remote attackers to cause a denial of
service (daemon crash) or possibly execute arbitrary code.
References
Bugs
Notes
 mdeslaur> only 3.x
Assigned-to
mdeslaur
Package
Upstream:released (3.0.15+dfsg-1)
Ubuntu 17.10 (Artful Aardvark):released (3.0.15+dfsg-1ubuntu1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (only 3.x)
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (only 3.x)
Ubuntu 17.04 (Zesty Zapus):released (3.0.12+dfsg-4ubuntu1.2)
Patches:
Upstream:https://github.com/FreeRADIUS/freeradius-server/commit/931850e5d2f65193520c2d9c9878148c0cdc16a6
Upstream:https://github.com/FreeRADIUS/freeradius-server/commit/4b059296e14b6ab75dc17163077490528a819806
More Information

Updated: 2017-08-11 23:55:39 UTC (commit 13081)