An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.
References
Link | Resource |
---|---|
http://freeradius.org/security/fuzzer-2017.html | Patch Vendor Advisory |
http://www.debian.org/security/2017/dsa-3930 | |
http://www.securityfocus.com/bid/99905 | |
http://www.securitytracker.com/id/1038914 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1759 | |
http://freeradius.org/security/fuzzer-2017.html | Patch Vendor Advisory |
http://www.debian.org/security/2017/dsa-3930 | |
http://www.securityfocus.com/bid/99905 | |
http://www.securitytracker.com/id/1038914 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1759 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://freeradius.org/security/fuzzer-2017.html - Patch, Vendor Advisory | |
References | () http://www.debian.org/security/2017/dsa-3930 - | |
References | () http://www.securityfocus.com/bid/99905 - | |
References | () http://www.securitytracker.com/id/1038914 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2017:1759 - |
Information
Published : 2017-07-17 17:29
Updated : 2024-11-21 03:06
NVD link : CVE-2017-10980
Mitre link : CVE-2017-10980
CVE.ORG link : CVE-2017-10980
JSON object : View
Products Affected
freeradius
- freeradius
CWE
CWE-772
Missing Release of Resource after Effective Lifetime