CVE-2017-10987 - log back

CVE-2017-10987 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A security issue has been found in freeradius <= 3.0.15, where the fr_dhcp_decode_suboptions() function does not properly check if sub-options overflow the packet.
References
+ http://freeradius.org/security/fuzzer-2017.html#FR-GV-304
+ https://github.com/FreeRADIUS/freeradius-server/commit/19a18bf7c8af649c9e9742fb6a046f6aff639866
Notes