{"id":"CVE-2017-10986","details":"An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Infinite read in dhcp_attr2vp()\" and a denial of service.","modified":"2026-04-02T00:00:26.576813Z","published":"2017-07-17T17:29:00.430Z","related":["MGASA-2017-0232","SUSE-SU-2017:2202-1","openSUSE-SU-2024:10767-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/99971"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2389"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3930"},{"type":"FIX","url":"http://freeradius.org/security/fuzzer-2017.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freeradius/freeradius-server","events":[{"introduced":"0"},{"last_affected":"580424ea12feeb5933f1aaac33fd5f9e2fa2ee60"},{"introduced":"0"},{"last_affected":"9dbdad73ca823f5d2fbb0cbc5c34aec714a9e0d3"},{"introduced":"0"},{"last_affected":"808a9b3a8ff7ebac794519a1e842507c9a99107b"},{"introduced":"0"},{"last_affected":"3366cf0a98513ee15e1b96e3996f929ba5e611a4"},{"introduced":"0"},{"last_affected":"7c9d5fbe83a67934bff42c1093d50daacbf1c083"},{"introduced":"0"},{"last_affected":"8bc2d13ba84de80ef4873b0d0990a133332d24a1"},{"introduced":"0"},{"last_affected":"add9d9595bdbbae2c6b045cc3f8c1f31823748ec"},{"introduced":"0"},{"last_affected":"8282a158b0b30d7dc522162855a30c942ad57dfa"},{"introduced":"0"},{"last_affected":"3250f1d08a5ce770afb88760cdebdfeac5bf495c"},{"introduced":"0"},{"last_affected":"8a1cbd0d3a2fca26aefac2cfe7a50cd5d22fed42"},{"introduced":"0"},{"last_affected":"d33a1dcd2591773fd3d0adde592dfad73c2088ed"},{"introduced":"0"},{"last_affected":"d667a281f56c959b77f53b7cf003c4acc634e4b0"},{"introduced":"0"},{"last_affected":"86b280f53d5cad01130a3245adb82cda6adb93ef"},{"introduced":"0"},{"last_affected":"d5a382ecdadaa022a917b91f1ea96e73ef189150"},{"introduced":"0"},{"last_affected":"a6ce2fc6c7c21d232175f535d3128349bcd2d784"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.0"},{"introduced":"0"},{"last_affected":"3.0.1"},{"introduced":"0"},{"last_affected":"3.0.2"},{"introduced":"0"},{"last_affected":"3.0.3"},{"introduced":"0"},{"last_affected":"3.0.4"},{"introduced":"0"},{"last_affected":"3.0.5"},{"introduced":"0"},{"last_affected":"3.0.6"},{"introduced":"0"},{"last_affected":"3.0.7"},{"introduced":"0"},{"last_affected":"3.0.8"},{"introduced":"0"},{"last_affected":"3.0.9"},{"introduced":"0"},{"last_affected":"3.0.10"},{"introduced":"0"},{"last_affected":"3.0.11"},{"introduced":"0"},{"last_affected":"3.0.12"},{"introduced":"0"},{"last_affected":"3.0.13"},{"introduced":"0"},{"last_affected":"3.0.14"}]}}],"versions":["branch_3_1_x","branch_4_0_0","first-build","release_0_1_0","release_0_2_0","release_0_3_0","release_0_4_0","release_0_5_0","release_0_6_0","release_0_7_0","release_0_7_1","release_0_8_1","release_0_9_0","release_0_9_0_final","release_0_9_0_pre2","release_0_9_0_pre3","release_0_9_1","release_0_9_2","release_0_9_3","release_1_0_0","release_1_0_0_pre1","release_1_0_0_pre2","release_1_0_0_pre3","release_1_0_1","release_1_0_2","release_1_0_3","release_1_0_4","release_1_0_5","release_1_1_0","release_1_1_0_pre0","release_1_1_1","release_1_1_2","release_1_1_3","release_1_1_4","release_1_1_5","release_1_1_6","release_1_1_7","release_1_1_8","release_2_0_0","release_2_0_0_pre1","release_2_0_0_pre2","release_2_0_1","release_2_0_2","release_2_0_3","release_2_0_4","release_2_0_5","release_2_1_0","release_2_1_1","release_2_1_10","release_2_1_11","release_2_1_12","release_2_1_2","release_2_1_3","release_2_1_4","release_2_1_6","release_2_1_7","release_2_1_8","release_2_1_9","release_2_2_0","release_2_2_1","release_2_2_10","release_2_2_2","release_2_2_3","release_2_2_4","release_2_2_5","release_2_2_6","release_2_2_7","release_2_2_8","release_2_2_9","release_3_0_0","release_3_0_0_beta0","release_3_0_0_beta1","release_3_0_0_rc0","release_3_0_0_rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10986.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}