CVE-2023-41102

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-41102

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41102.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41102

Downstream

DEBIAN-CVE-2023-41102

Related

UBUNTU-CVE-2023-41102

Published

2023-11-17T06:15:34Z

Modified

2025-11-16T03:57:30.071740Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple memory leaks due to not freeing up allocated memory. This may lead to a Denial-of-Service condition due to the consumption of all available memory. Affected OpenNDS before version 10.1.3 fixed in OpenWrt master and OpenWrt 23.05 on 23. November by updating OpenNDS to version 10.2.0.

References

Affected packages

Git / github.com/openwrt/routing

Affected ranges

Type: GIT
Repo: https://github.com/openwrt/routing
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

ad787a920ccb9dacf5b01d52bce36ac14a5ecd89

Git / github.com/opennds/opennds

Affected ranges

Type: GIT
Repo: https://github.com/opennds/opennds
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

31dbf4aa069c5bb39a7926d86036ce3b04312b51

Fixed

69dde77927b252e2a4347170504a785ac5d50c33

Affected versions

v10.*

v10.1.0

v10.1.1

v10.1.2

v10.1.3

v5.*

v5.0.0

v5.0.1

v5.1.0

v5.2.0

v6.*

v6.0.0

v7.*

v7.0.0

v7.0.1

v8.*

v8.0.0

v8.1.0

v8.1.1

v9.*

v9.0.0

v9.1.0

v9.1.1

v9.10.0

v9.2.0

v9.3.0

v9.4.0

v9.5.0

v9.5.1

v9.6.0

v9.7.0

v9.8.0

v9.9.0

v9.9.1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/opennds/opennds/commit/31dbf4aa069c5bb39a7926d86036ce3b04312b51",
        "id": "CVE-2023-41102-04d8882d",
        "signature_version": "v1",
        "target": {
            "function": "client_reset",
            "file": "src/client_list.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "114453890567834647965685719824587767951",
            "length": 1004.0
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/opennds/opennds/commit/31dbf4aa069c5bb39a7926d86036ce3b04312b51",
        "id": "CVE-2023-41102-5ea0e821",
        "signature_version": "v1",
        "target": {
            "function": "_client_list_free_node",
            "file": "src/client_list.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "111946994257986523736346573010147181776",
            "length": 376.0
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/opennds/opennds/commit/31dbf4aa069c5bb39a7926d86036ce3b04312b51",
        "id": "CVE-2023-41102-77324f52",
        "signature_version": "v1",
        "target": {
            "file": "src/client_list.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "309883865822656205120904230157861152430",
                "218641413411637046584653299465956762644",
                "154366200437616714995018179146879283151",
                "167054071320135631185158432643977228813",
                "220378641845672108835288240462172789641",
                "257828874008015060487122637993844471292",
                "119183715455682742955387468425165022393",
                "109310709702527705998561615116592252579",
                "246038276234997406492972260729425314106",
                "107248104420302283145201838074675470581",
                "48527951882261810520248555341589741123",
                "188970831149681757312628630391965456395",
                "24056457945855280061205702776546777664"
            ]
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/opennds/opennds/commit/31dbf4aa069c5bb39a7926d86036ce3b04312b51",
        "id": "CVE-2023-41102-d2da72df",
        "signature_version": "v1",
        "target": {
            "file": "src/http_microhttpd.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "204580094829658141876247396546241413979",
                "53959168667521409563875410821839881076",
                "139372920570885686454043986697294147601",
                "91224663760601915698346904270031756370",
                "282530142551032988576917341017649734939"
            ]
        }
    },
    {
        "deprecated": false,
        "source": "https://github.com/opennds/opennds/commit/31dbf4aa069c5bb39a7926d86036ce3b04312b51",
        "id": "CVE-2023-41102-dcb802ba",
        "signature_version": "v1",
        "target": {
            "function": "redirect_to_splashpage",
            "file": "src/http_microhttpd.c"
        },
        "signature_type": "Function",
        "digest": {
            "function_hash": "328333231479874028419759832420785874083",
            "length": 1485.0
        }
    }
]