Описание
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| scapy | fixed | 2.4.2-1 | package | |
| scapy | no-dsa | buster | package | |
| scapy | not-affected | stretch | package | |
| scapy | not-affected | jessie | package |
Примечания
https://github.com/secdev/scapy/pull/1409
https://github.com/secdev/scapy/commit/0d7ae2b039f650a40e511d09eb961c782da025d9 (v2.4.1)
https://github.com/secdev/scapy/pull/1409/files#diff-441eff981e466959968111fc6314fe93L1058
EPSS
Связанные уязвимости
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
EPSS