CVE-2022-41860
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-41860
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-41860.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-41860
- Related
- Published
- 2023-01-17T18:15:11Z
- Modified
- 2024-09-18T03:18:29.834088Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.
- References
Affected packages
Alpine:v3.15 / freeradius
Package
- Name
- freeradius
- Purl
- pkg:apk/alpine/freeradius?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.26-r0
Affected versions
2.*
2.1.7-r0
2.1.7-r1
2.1.7-r2
2.1.10-r0
2.1.10-r1
2.1.10-r2
2.1.10-r3
2.1.10-r4
2.1.10-r5
2.1.10-r6
2.1.10-r7
2.1.10-r8
2.1.10-r9
2.1.10-r10
2.1.10-r11
2.1.10-r12
2.1.10-r13
2.1.10-r14
2.1.10-r15
2.1.10-r16
2.1.10-r17
2.1.10-r18
2.1.10-r19
2.1.10-r20
2.1.10-r21
2.1.10-r22
2.1.10-r23
2.1.12-r0
2.1.12-r1
2.1.12-r2
2.1.12-r3
2.1.12-r4
2.1.12-r5
2.2.0-r0
2.2.0-r1
2.2.0-r2
2.2.0-r3
2.2.0-r4
2.2.0-r5
2.2.0-r6
2.2.0-r7
2.2.0-r8
2.2.0-r9
2.2.0-r10
2.2.0-r11
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.2-r2
2.2.3-r0
2.2.3-r1
2.2.3-r2
2.2.3-r3
2.2.3-r4
2.2.3-r5
2.2.4-r0
2.2.4-r1
2.2.4-r2
2.2.4-r3
2.2.5-r0
2.2.5-r1
2.2.5-r2
2.2.5-r3
2.2.5-r4
2.2.6-r0
2.2.6-r1
3.*
3.0.8-r1
3.0.8-r2
3.0.8-r3
3.0.8-r4
3.0.8-r5
3.0.8-r6
3.0.8-r7
3.0.9-r0
3.0.9-r1
3.0.9-r2
3.0.9-r3
3.0.10-r0
3.0.10-r1
3.0.10-r2
3.0.10-r3
3.0.11-r0
3.0.11-r1
3.0.11-r2
3.0.11-r3
3.0.12-r0
3.0.12-r1
3.0.12-r2
3.0.13-r0
3.0.13-r1
3.0.13-r2
3.0.13-r3
3.0.15-r0
3.0.15-r1
3.0.15-r2
3.0.15-r3
3.0.16-r0
3.0.16-r1
3.0.16-r2
3.0.17-r0
3.0.17-r1
3.0.17-r2
3.0.17-r3
3.0.17-r4
3.0.18-r0
3.0.18-r1
3.0.19-r0
3.0.19-r1
3.0.19-r2
3.0.19-r3
3.0.19-r4
3.0.20-r0
3.0.20-r1
3.0.20-r2
3.0.20-r3
3.0.20-r4
3.0.20-r5
3.0.20-r6
3.0.20-r7
3.0.20-r8
3.0.20-r9
3.0.20-r10
3.0.21-r0
3.0.21-r1
3.0.21-r2
3.0.21-r3
3.0.21-r4
3.0.21-r5
3.0.21-r6
3.0.21-r7
3.0.21-r8
3.0.22-r0
3.0.23-r0
3.0.23-r1
3.0.23-r2
3.0.23-r3
3.0.25-r0
3.0.25-r1
Alpine:v3.16 / freeradius
Package
- Name
- freeradius
- Purl
- pkg:apk/alpine/freeradius?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.26-r0
Affected versions
2.*
2.1.7-r0
2.1.7-r1
2.1.7-r2
2.1.10-r0
2.1.10-r1
2.1.10-r2
2.1.10-r3
2.1.10-r4
2.1.10-r5
2.1.10-r6
2.1.10-r7
2.1.10-r8
2.1.10-r9
2.1.10-r10
2.1.10-r11
2.1.10-r12
2.1.10-r13
2.1.10-r14
2.1.10-r15
2.1.10-r16
2.1.10-r17
2.1.10-r18
2.1.10-r19
2.1.10-r20
2.1.10-r21
2.1.10-r22
2.1.10-r23
2.1.12-r0
2.1.12-r1
2.1.12-r2
2.1.12-r3
2.1.12-r4
2.1.12-r5
2.2.0-r0
2.2.0-r1
2.2.0-r2
2.2.0-r3
2.2.0-r4
2.2.0-r5
2.2.0-r6
2.2.0-r7
2.2.0-r8
2.2.0-r9
2.2.0-r10
2.2.0-r11
2.2.1-r0
2.2.2-r0
2.2.2-r1
2.2.2-r2
2.2.3-r0
2.2.3-r1
2.2.3-r2
2.2.3-r3
2.2.3-r4
2.2.3-r5
2.2.4-r0
2.2.4-r1
2.2.4-r2
2.2.4-r3
2.2.5-r0
2.2.5-r1
2.2.5-r2
2.2.5-r3
2.2.5-r4
2.2.6-r0
2.2.6-r1
3.*
3.0.8-r1
3.0.8-r2
3.0.8-r3
3.0.8-r4
3.0.8-r5
3.0.8-r6
3.0.8-r7
3.0.9-r0
3.0.9-r1
3.0.9-r2
3.0.9-r3
3.0.10-r0
3.0.10-r1
3.0.10-r2
3.0.10-r3
3.0.11-r0
3.0.11-r1
3.0.11-r2
3.0.11-r3
3.0.12-r0
3.0.12-r1
3.0.12-r2
3.0.13-r0
3.0.13-r1
3.0.13-r2
3.0.13-r3
3.0.15-r0
3.0.15-r1
3.0.15-r2
3.0.15-r3
3.0.16-r0
3.0.16-r1
3.0.16-r2
3.0.17-r0
3.0.17-r1
3.0.17-r2
3.0.17-r3
3.0.17-r4
3.0.18-r0
3.0.18-r1
3.0.19-r0
3.0.19-r1
3.0.19-r2
3.0.19-r3
3.0.19-r4
3.0.20-r0
3.0.20-r1
3.0.20-r2
3.0.20-r3
3.0.20-r4
3.0.20-r5
3.0.20-r6
3.0.20-r7
3.0.20-r8
3.0.20-r9
3.0.20-r10
3.0.21-r0
3.0.21-r1
3.0.21-r2
3.0.21-r3
3.0.21-r4
3.0.21-r5
3.0.21-r6
3.0.21-r7
3.0.21-r8
3.0.22-r0
3.0.23-r0
3.0.23-r1
3.0.23-r2
3.0.23-r3
3.0.25-r0
3.0.25-r1
3.0.25-r2
Debian:11 / freeradius
Package
- Name
- freeradius
- Purl
- pkg:deb/debian/freeradius?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.0.21+dfsg-2.2
3.0.21+dfsg-2.2+deb11u1~bpo10+1
3.0.21+dfsg-2.2+deb11u1
3.0.21+dfsg-3
3.0.25+dfsg-1
3.0.25+dfsg-1.1
3.2.0+dfsg-1~bpo11+1
3.2.0+dfsg-1
3.2.1+dfsg-1~bpo11+1
3.2.1+dfsg-1
3.2.1+dfsg-2
3.2.1+dfsg-3~bpo11+1
3.2.1+dfsg-3
3.2.1+dfsg-4
3.2.2+dfsg-1~exp1
3.2.3+dfsg-1
3.2.3+dfsg-2
3.2.5+dfsg-1
3.2.5+dfsg-2
3.2.5+dfsg-3
Debian:12 / freeradius
Package
- Name
- freeradius
- Purl
- pkg:deb/debian/freeradius?arch=source
Debian:13 / freeradius
Package
- Name
- freeradius
- Purl
- pkg:deb/debian/freeradius?arch=source
Git / github.com/freeradius/freeradius-server
Affected versions
Other
branch_4_0_0
first-build
release_0_1_0
release_0_2_0
release_0_3_0
release_0_4_0
release_0_5_0
release_0_6_0
release_0_7_0
release_0_9_0
release_0_9_0_final
release_0_9_0_pre2
release_0_9_0_pre3
release_1_0_0
release_1_0_0_pre1
release_1_0_0_pre2
release_1_0_0_pre3
release_1_0_1
release_1_0_2
release_1_1_0
release_1_1_0_pre0
release_1_1_1
release_1_1_2
release_1_1_3
release_1_1_4
release_1_1_5
release_1_1_6
release_1_1_7
release_2_0_0
release_2_0_0_pre1
release_2_0_0_pre2
release_2_0_1
release_2_0_2
release_2_0_3
release_2_0_4
release_2_0_5
release_2_1_0
release_2_1_1
release_2_1_2
release_2_1_3
release_2_1_4
release_2_1_7
release_3_0_0
release_3_0_0_beta0
release_3_0_0_beta1
release_3_0_0_rc0
release_3_0_0_rc1
release_3_0_1
release_3_0_10
release_3_0_11
release_3_0_12
release_3_0_13
release_3_0_14
release_3_0_15
release_3_0_16
release_3_0_17
release_3_0_18
release_3_0_19
release_3_0_2
release_3_0_20
release_3_0_21
release_3_0_22
release_3_0_23
release_3_0_24
release_3_0_25
release_3_0_3
release_3_0_4_rc0
release_3_0_4_rc1
release_3_0_4_rc2
release_3_0_5
release_3_0_6
release_3_0_7
release_3_0_8
release_3_0_9
release_3.*
release_3.0.8