{"id":"CVE-2017-10978","details":"An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"Read / write overflow in make_secret()\" and a denial of service.","modified":"2026-04-16T06:16:07.711053235Z","published":"2017-07-17T17:29:00.180Z","related":["SUSE-SU-2017:2202-1","SUSE-SU-2017:2243-1","SUSE-SU-2017:2244-1","openSUSE-SU-2024:10767-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3930"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/99893"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038914"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1759"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2389"},{"type":"FIX","url":"http://freeradius.org/security/fuzzer-2017.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freeradius/freeradius-server","events":[{"introduced":"74ef9b64f7cd631b13d7a61bd1588a2bfc75ba39"},{"fixed":"ee6cba74cfa0c7214eb068f2f4665da0137c69c3"},{"introduced":"580424ea12feeb5933f1aaac33fd5f9e2fa2ee60"},{"fixed":"d253cf86d79b024ff68378e146775aa6975b887a"}],"database_specific":{"versions":[{"introduced":"2.0"},{"fixed":"2.2.10"},{"introduced":"3.0.0"},{"fixed":"3.0.15"}]}}],"versions":["release_2_0_0","release_2_0_1","release_2_0_2","release_2_0_3","release_2_0_4","release_2_0_5","release_2_1_0","release_2_1_1","release_2_1_10","release_2_1_11","release_2_1_12","release_2_1_2","release_2_1_3","release_2_1_4","release_2_1_7","release_2_1_8","release_2_1_9","release_2_2_0","release_2_2_1","release_2_2_2","release_2_2_3","release_2_2_4","release_2_2_5","release_2_2_6","release_2_2_7","release_2_2_8","release_2_2_9","release_3.0.8","release_3_0_0","release_3_0_1","release_3_0_10","release_3_0_11","release_3_0_12","release_3_0_13","release_3_0_14","release_3_0_2","release_3_0_3","release_3_0_4_rc0","release_3_0_4_rc1","release_3_0_4_rc2","release_3_0_5","release_3_0_6","release_3_0_7","release_3_0_8","release_3_0_9"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10978.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}