Red Hat Bugzilla – Bug 1468555
CVE-2017-10988 freeradius: Incorrectly created 'signed' attributes
Last modified: 2017-08-02 05:42:52 EDT
Attributes of data type 'signed' would sometimes be created from uninitialized memory, instead of from the received packet. There is only one 'signed' attribute, which is in the WiMAX dictionaries, and it is used only in certain limited situations.
The security impact is minimal.
Affected versions: 3.0.0 through 3.0.14, inclusive.
Name: the FreeRADIUS project
Upstream: Guido Vranken
Created attachment 1295266 [details]
Created freeradius tracking bugs for this issue:
Affects: fedora-all [bug 1471884]
This CVE was rejected:
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.