CVE-2023-41102

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-41102
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41102.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-41102
Related
Published
2023-11-17T06:15:34Z
Modified
2025-01-15T04:57:38.723430Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple memory leaks due to not freeing up allocated memory. This may lead to a Denial-of-Service condition due to the consumption of all available memory. Affected OpenNDS before version 10.1.3 fixed in OpenWrt master and OpenWrt 23.05 on 23. November by updating OpenNDS to version 10.2.0.

References

Affected packages

Debian:12 / opennds

Package

Name
opennds
Purl
pkg:deb/debian/opennds?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

9.*

9.10.0-1

10.*

10.2.0+dfsg-1
10.3.0+dfsg-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / opennds

Package

Name
opennds
Purl
pkg:deb/debian/opennds?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.2.0+dfsg-1

Affected versions

9.*

9.10.0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/opennds/opennds

Affected ranges

Type
GIT
Repo
https://github.com/opennds/opennds
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed
Type
GIT
Repo
https://github.com/openwrt/routing
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v10.*

v10.1.0
v10.1.1
v10.1.2
v10.1.3

v5.*

v5.0.0
v5.0.1
v5.1.0
v5.2.0

v6.*

v6.0.0

v7.*

v7.0.0
v7.0.1

v8.*

v8.0.0
v8.1.0
v8.1.1

v9.*

v9.0.0
v9.1.0
v9.1.1
v9.10.0
v9.2.0
v9.3.0
v9.4.0
v9.5.0
v9.5.1
v9.6.0
v9.7.0
v9.8.0
v9.9.0
v9.9.1