PT-2020-9878 · Openssl+9 · Openssl+8

Mathy Vanhoef

Published

2020-01-05

Updated

2024-06-15

CVE-2019-17185

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions FreeRADIUS versions 3.0.x through 3.0.19

Description The EAP-pwd module in FreeRADIUS used a global OpenSSL BN CTX instance to handle all handshakes, resulting in multiple threads using the same instance concurrently. This leads to crashes when concurrent EAP-pwd handshakes are initiated, which can be exploited by an adversary as a Denial-of-Service (DoS) attack.

Recommendations For FreeRADIUS versions 3.0.x through 3.0.19, update to version 3.0.20 or later to resolve the issue. As a temporary workaround, consider restricting concurrent EAP-pwd handshakes to minimize the risk of crashes.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-662

Related Identifiers

ALT-PU-2020-1496

CESA-2020_3984

CESA-2020_4799

CVE-2019-17185

MGASA-2020-0007

OESA-2021-1031

OPENSUSE-SU-2020:0553-1

OPENSUSE-SU-2020_0553-1

OPENSUSE-SU-2024:10767-1

RHSA-2020:3984

RHSA-2020:4799

RHSA-2020_3984

RHSA-2020_4799

RLSA-2020:4799

SUSE-SU-2020:1018-1

SUSE-SU-2020:1020-1

SUSE-SU-2020:1023-1

SUSE-SU-2020:2391-1

USN-5785-1

Affected Products

Alt Linux

Centos

Freeradius

Linuxmint

Openssl

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2020-9878 · Openssl+9 · Openssl+8

CVE-2019-17185

Weakness Enumeration

Related Identifiers

Affected Products

References · 60