Security Advisory

CVE-2022-24705

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-14 21:04:30

Last updated 2024-09-16 18:39:19

Assigner GovTech CSG

State PUBLISHED

Description

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

← Browse all CVEs View on cve.org ↗