{"id":"CVE-2017-10984","details":"An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows \"Write overflow in data2vp_wimax()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.","modified":"2026-04-11T15:15:08.594417Z","published":"2017-07-17T17:29:00.367Z","related":["MGASA-2017-0232","SUSE-SU-2017:2202-1","SUSE-SU-2017:2243-1","openSUSE-SU-2024:10767-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/99876"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3930"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2389"},{"type":"FIX","url":"http://freeradius.org/security/fuzzer-2017.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freeradius/freeradius-server","events":[{"introduced":"0"},{"last_affected":"580424ea12feeb5933f1aaac33fd5f9e2fa2ee60"},{"last_affected":"9dbdad73ca823f5d2fbb0cbc5c34aec714a9e0d3"},{"last_affected":"808a9b3a8ff7ebac794519a1e842507c9a99107b"},{"last_affected":"3366cf0a98513ee15e1b96e3996f929ba5e611a4"},{"last_affected":"7c9d5fbe83a67934bff42c1093d50daacbf1c083"},{"last_affected":"8bc2d13ba84de80ef4873b0d0990a133332d24a1"},{"last_affected":"add9d9595bdbbae2c6b045cc3f8c1f31823748ec"},{"last_affected":"8282a158b0b30d7dc522162855a30c942ad57dfa"},{"last_affected":"3250f1d08a5ce770afb88760cdebdfeac5bf495c"},{"last_affected":"8a1cbd0d3a2fca26aefac2cfe7a50cd5d22fed42"},{"last_affected":"d33a1dcd2591773fd3d0adde592dfad73c2088ed"},{"last_affected":"d667a281f56c959b77f53b7cf003c4acc634e4b0"},{"last_affected":"86b280f53d5cad01130a3245adb82cda6adb93ef"},{"last_affected":"d5a382ecdadaa022a917b91f1ea96e73ef189150"},{"last_affected":"a6ce2fc6c7c21d232175f535d3128349bcd2d784"}],"database_specific":{"cpe":["cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.9:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.10:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.11:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.12:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.13:*:*:*:*:*:*:*","cpe:2.3:a:freeradius:freeradius:3.0.14:*:*:*:*:*:*:*"],"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"3.0.0"},{"last_affected":"3.0.1"},{"last_affected":"3.0.2"},{"last_affected":"3.0.3"},{"last_affected":"3.0.4"},{"last_affected":"3.0.5"},{"last_affected":"3.0.6"},{"last_affected":"3.0.7"},{"last_affected":"3.0.8"},{"last_affected":"3.0.9"},{"last_affected":"3.0.10"},{"last_affected":"3.0.11"},{"last_affected":"3.0.12"},{"last_affected":"3.0.13"},{"last_affected":"3.0.14"}]}}],"versions":["branch_4_0_0","first-build","release_0_1_0","release_0_2_0","release_0_3_0","release_0_4_0","release_0_5_0","release_0_6_0","release_0_7_0","release_2_0_0","release_2_0_0_pre1","release_2_0_0_pre2","release_2_0_1","release_2_0_2","release_2_0_3","release_2_0_4","release_2_0_5","release_2_1_0","release_2_1_1","release_2_1_2","release_2_1_3","release_2_1_4","release_2_1_7","release_3.0.8","release_3_0_0","release_3_0_0_beta0","release_3_0_0_beta1","release_3_0_0_rc0","release_3_0_0_rc1","release_3_0_1","release_3_0_10","release_3_0_11","release_3_0_12","release_3_0_13","release_3_0_14","release_3_0_2","release_3_0_3","release_3_0_4","release_3_0_4_rc0","release_3_0_4_rc1","release_3_0_4_rc2","release_3_0_5","release_3_0_6","release_3_0_7","release_3_0_8","release_3_0_9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10984.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}