1
PublicDateAtUSN: 2017-07-17
2
Candidate: CVE-2017-10979
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10979
6
http://freeradius.org/security/fuzzer-2017.html#FR-GV-202
7
http://freeradius.org/security/fuzzer-2017.html
8
https://usn.ubuntu.com/usn/usn-3369-1
10
An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow
11
in rad_coalesce()" - this allows remote attackers to cause a denial of
12
service (daemon crash) or possibly execute arbitrary code.
15
sbeattie> affects 2.x only
18
Discovered-by: Guido Vranken
22
upstream: https://github.com/FreeRADIUS/freeradius-server/commit/ae3ba0011e7d299e92c45300e0137a56a650e8f5
23
upstream_freeradius: released (3.0.12+dfsg-3)
24
precise/esm_freeradius: DNE
25
trusty_freeradius: released (2.1.12+dfsg-1.2ubuntu8.2)
26
vivid/ubuntu-core_freeradius: DNE
27
xenial_freeradius: released (2.2.8+dfsg-0.1ubuntu0.1)
28
yakkety_freeradius: ignored (reached end-of-life)
29
zesty_freeradius: not-affected (2.x only)
30
devel_freeradius: not-affected (3.0.12+dfsg-5ubuntu1)