CVE-2017-10987

Published: 17 July 2017

An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
freeradius Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Does not exist (trusty was not-affected [v3 only])
	upstream	Released (3.0.15+dfsg-1)
	xenial	Not vulnerable (v3 only)
	yakkety	Not vulnerable (v3 only)
	zesty	Released (3.0.12+dfsg-4ubuntu1.2)