CVE-2017-10978
published 2017-07-17CVE-2017-10978: An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_server | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | freeradius | < freeradius 3.0.15+dfsg-1 (bookworm) | freeradius 3.0.15+dfsg-1 (bookworm) |
| freeradius | freeradius | >= 0 < 3.0.15+dfsg-1 | 3.0.15+dfsg-1 |
| freeradius | freeradius | >= 0 < 3.0.15+dfsg-1 | 3.0.15+dfsg-1 |
| freeradius | freeradius | >= 0 < 3.0.15+dfsg-1 | 3.0.15+dfsg-1 |
| freeradius | freeradius | >= 0 < 3.0.15+dfsg-1 | 3.0.15+dfsg-1 |
| freeradius | freeradius | >= 2.0 < 2.2.10 | 2.2.10 |
| freeradius | freeradius | >= 3.0.0 < 3.0.15 | 3.0.15 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_eus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_workstation | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH