CVE-2022-41861

Name
CVE-2022-41861
Description
A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e
MISC https://freeradius.org/security/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:freeradius:freeradius:*:*:*:*:*:*:*:* freeradius >= None <= 3.0.25

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
freeradius 3.14-main 3.0.23-r0 Leonardo Arena <rnalrd@alpinelinux.org> possibly vulnerable
freeradius 3.16-main 3.0.26-r0 Leonardo Arena <rnalrd@alpinelinux.org> fixed
freeradius 3.15-main 3.0.26-r0 Leonardo Arena <rnalrd@alpinelinux.org> fixed