Attributes of data type 'signed' would sometimes be created from uninitialized memory, instead of from the received packet. There is only one 'signed' attribute, which is in the WiMAX dictionaries, and it is used only in certain limited situations. The security impact is minimal. Affected versions: 3.0.0 through 3.0.14, inclusive.
Acknowledgments: Name: the FreeRADIUS project Upstream: Guido Vranken
Created attachment 1295266 [details] Proposed patch
Created freeradius tracking bugs for this issue: Affects: fedora-all [bug 1471884]
This CVE was rejected: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10988 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
External References: http://freeradius.org/security/fuzzer-2017.html