exploitDog

CVE-2022-24705

Опубликовано: 14 фев. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

Ссылки

https://github.com/accel-ppp/accel-ppp/pull/35
Patch
Third Party Advisory
https://github.com/accel-ppp/accel-ppp/pull/35
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:accel-ppp:accel-ppp:*:*:*:*:*:*:*:*

Версия до 1.12.0 (исключая)

EPSS

Процентиль: 64%

0.00459

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-8hhg-rh8g-2x9h

github

почти 4 года назад

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

EPSS

Процентиль: 64%

0.00459

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120