Sign in Get started

← All advisories

High severity7.5NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-10985

CVE-2017-10985

Description

An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service.

Affected products

15

FreeRADIUS/Freeradius15 versions
cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

freeradius.org/security/fuzzer-2017.htmlnvdPatchVendor Advisory
www.debian.org/security/2017/dsa-3930nvd
www.securityfocus.com/bid/99968nvd
access.redhat.com/errata/RHSA-2017:2389nvd

News mentions

0

No linked articles in our index yet.