Endpoint Vulnerability

RHSA-2020:4799: freeradius:3.0 security and bug fix update (Moderate)

Description

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fix(es): * freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access (CVE-2019-17185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

Affected Products

freeradius

References

CVE-2019-17185,