CVE-2017-10987

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-10987

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10987.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-10987

Related

Published

2017-07-17T17:29:00Z

Modified

2025-04-20T03:34:13.212673Z

Downstream

RHSA-2017:2389

SUSE-SU-2017:2202-1

SUSE-SU-2017:2243-1

openSUSE-SU-2024:10767-1

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in frdhcpdecode_suboptions()" and a denial of service.

References

Affected packages

Debian:11 / freeradius

Package

Name: freeradius
Purl: pkg:deb/debian/freeradius?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / freeradius

Package

Name: freeradius
Purl: pkg:deb/debian/freeradius?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / freeradius

Package

Name: freeradius
Purl: pkg:deb/debian/freeradius?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.15+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/freeradius/freeradius-server

Affected ranges

Type: GIT
Repo: https://github.com/freeradius/freeradius-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3250f1d08a5ce770afb88760cdebdfeac5bf495c

Last affected

3366cf0a98513ee15e1b96e3996f929ba5e611a4

Last affected

580424ea12feeb5933f1aaac33fd5f9e2fa2ee60

Last affected

7c9d5fbe83a67934bff42c1093d50daacbf1c083

Last affected

808a9b3a8ff7ebac794519a1e842507c9a99107b

Last affected

8282a158b0b30d7dc522162855a30c942ad57dfa

Last affected

86b280f53d5cad01130a3245adb82cda6adb93ef

Last affected

8a1cbd0d3a2fca26aefac2cfe7a50cd5d22fed42

Last affected

8bc2d13ba84de80ef4873b0d0990a133332d24a1

Last affected

9dbdad73ca823f5d2fbb0cbc5c34aec714a9e0d3

Last affected

a6ce2fc6c7c21d232175f535d3128349bcd2d784

Last affected

add9d9595bdbbae2c6b045cc3f8c1f31823748ec

Last affected

d33a1dcd2591773fd3d0adde592dfad73c2088ed

Last affected

d5a382ecdadaa022a917b91f1ea96e73ef189150

Last affected

d667a281f56c959b77f53b7cf003c4acc634e4b0

Affected versions

Other

branch_4_0_0

first-build

release_0_1_0

release_0_2_0

release_0_3_0

release_0_4_0

release_0_5_0

release_0_6_0

release_0_7_0

release_0_9_0

release_0_9_0_final

release_0_9_0_pre2

release_0_9_0_pre3

release_1_0_0

release_1_0_0_pre1

release_1_0_0_pre2

release_1_0_0_pre3

release_1_0_1

release_1_0_2

release_1_1_0

release_1_1_0_pre0

release_1_1_1

release_1_1_2

release_1_1_3

release_1_1_4

release_1_1_5

release_1_1_6

release_1_1_7

release_2_0_0

release_2_0_0_pre1

release_2_0_0_pre2

release_2_0_1

release_2_0_2

release_2_0_3

release_2_0_4

release_2_0_5

release_2_1_0

release_2_1_1

release_2_1_2

release_2_1_3

release_2_1_4

release_2_1_7

release_3_0_0

release_3_0_0_beta0

release_3_0_0_beta1

release_3_0_0_rc0

release_3_0_0_rc1

release_3_0_1

release_3_0_2

release_3_0_3

release_3_0_4_rc0

release_3_0_4_rc1

release_3_0_4_rc2

release_3_0_5

release_3_0_6

release_3_0_7

release_3_0_8

release_3.*

release_3.0.8