PT-2021-3571 · Freebsd · Freebsd

Leommxj

Published

2021-05-26

Updated

2022-05-16

CVE-2021-29629

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeBSD versions 11.4 through 11.4-RELEASE before p10 FreeBSD versions 12.2 through 12.2-RELEASE before p7 FreeBSD versions 13.0 through 13.0-RELEASE before p1

Description The issue exists due to insufficient input validation in the libradius service of the FreeBSD operating system. This can be exploited by a remote attacker to cause a denial of service.

Recommendations For versions 11.4 through 11.4-RELEASE before p10, update to a version after p10. For versions 12.2 through 12.2-RELEASE before p7, update to a version after p7. For versions 13.0 through 13.0-RELEASE before p1, update to a version after p1.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2021-03672

CVE-2021-29629

FREEBSD-SA-21_12

Affected Products

Freebsd

PT-2021-3571 · Freebsd · Freebsd

CVE-2021-29629

Weakness Enumeration

Related Identifiers

Affected Products

References · 10