Vulnerability Description
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a single global OpenSSL BN_CTX instance to handle all handshakes. This means that multiple worker threads use the same BN_CTX concurrently, so the context's internal state is corrupted when concurrent EAP-pwd handshakes are initiated, and the server crashes. An adversary can abuse this as a Denial-of-Service (DoS) attack simply by starting several EAP-pwd handshakes at once. Only deployments with the EAP-pwd module enabled are exposed.
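The mechanism behind the crash, as an added example that is not FreeRADIUS or OpenSSL code: a toy model of BN_CTX's stack discipline (ctx_start/ctx_get/ctx_end mirror BN_CTX_start/BN_CTX_get/BN_CTX_end) replays a constructed preemption order for three EAP-pwd-like handshakes. The session inputs, the arithmetic and the schedule string are all constructed for illustration. With one global context, handshake A's ctx_end pops the frame that B opened, so C is handed B's temporaries and B finishes with a corrupted value; the same schedule over per-session contexts is correct. That is the kind of corruption which, in the real module, shows up as the crashes the advisory describes.

```c
#include <stdio.h>
#include <string.h>

/* Toy stand-in for OpenSSL's BN_CTX (this is NOT OpenSSL's or FreeRADIUS's
 * code): a stack of scratch values handed out by ctx_get() between
 * ctx_start() and ctx_end(). Plain longs stand in for BIGNUMs. */
#define CTX_SLOTS  16
#define CTX_FRAMES 4

typedef struct {
    long slots[CTX_SLOTS];
    int  frames[CTX_FRAMES];   /* value of 'top' when each frame was opened */
    int  top, depth;
} scratch_ctx;

static void ctx_init(scratch_ctx *c) { memset(c, 0, sizeof *c); }

static int ctx_start(scratch_ctx *c) {          /* -1 when frames are exhausted */
    if (c->depth >= CTX_FRAMES) return -1;
    c->frames[c->depth++] = c->top;
    return 0;
}
static long *ctx_get(scratch_ctx *c) {          /* NULL when slots are exhausted */
    if (c->top >= CTX_SLOTS) return NULL;
    return &c->slots[c->top++];
}
static void ctx_end(scratch_ctx *c) {           /* pops the innermost frame */
    if (c->depth > 0) c->top = c->frames[--c->depth];
}

/* One handshake's BN-style work, (a*b + c) mod m, split into the phases a
 * worker thread would run between preemptions. */
typedef struct {
    long a, b, c, m;           /* constructed inputs */
    long *t1, *t2, *t3;        /* temporaries borrowed from the context */
    long result;               /* -1 until computed; a NULL temporary keeps it -1
                                  (the real server would crash instead) */
} session;

static void phase_acquire(session *s, scratch_ctx *ctx) {
    s->t1 = s->t2 = s->t3 = NULL;
    if (ctx_start(ctx) != 0) return;
    s->t1 = ctx_get(ctx); s->t2 = ctx_get(ctx); s->t3 = ctx_get(ctx);
}
static void phase_compute(session *s) {         /* fills t1 and t2 */
    if (!s->t1 || !s->t2) return;
    *s->t1 = s->a * s->b;
    *s->t2 = *s->t1 + s->c;
}
static void phase_finish(session *s) {          /* reads t2 back into the result */
    if (!s->t2 || !s->t3) return;
    *s->t3 = *s->t2 % s->m;
    s->result = *s->t3;
}

/* Replays a constructed interleaving of three sessions A, B, C. Each two-char
 * token is a session letter plus a phase: '+' acquire, '=' compute,
 * '%' finish, '-' release. shared=1 routes every session through one global
 * context (the CVE pattern); shared=0 gives each session its own context.
 * Returns how many sessions ended with a wrong or missing result. */
static int replay(const char *schedule, int shared) {
    static scratch_ctx global_ctx;
    scratch_ctx private_ctx[3];
    session s[3] = { {3, 5, 7, 101, NULL, NULL, NULL, -1},
                     {11, 13, 7, 101, NULL, NULL, NULL, -1},
                     {17, 19, 7, 101, NULL, NULL, NULL, -1} };
    ctx_init(&global_ctx);
    for (int i = 0; i < 3; i++) ctx_init(&private_ctx[i]);

    for (const char *p = schedule; p[0] && p[1]; p += 2) {
        int i = p[0] - 'A';
        if (i < 0 || i > 2) continue;
        scratch_ctx *ctx = shared ? &global_ctx : &private_ctx[i];
        switch (p[1]) {
        case '+': phase_acquire(&s[i], ctx); break;
        case '=': phase_compute(&s[i]);      break;
        case '%': phase_finish(&s[i]);       break;
        case '-': ctx_end(ctx);              break;
        }
    }
    int bad = 0;
    for (int i = 0; i < 3; i++)
        if (s[i].result != (s[i].a * s[i].b + s[i].c) % s[i].m) bad++;
    return bad;
}

int main(void) {
    /* Constructed preemption order: A releases its frame while B still holds
     * temporaries, so C is handed B's slots and overwrites B's intermediate. */
    const char *sched = "A+A=A%B+B=A-C+C=B%B-C%C-";
    printf("shared global ctx : %d corrupted handshakes\n", replay(sched, 1));
    printf("ctx per handshake : %d corrupted handshakes\n", replay(sched, 0));
    return 0;
}
```

The remedy this illustrates is the general one for any stack-disciplined scratch object: never share a BN_CTX across threads; allocate one per handshake (BN_CTX_new()/BN_CTX_free() around the session's work) or keep it thread-local. That is the direction of the 3.0.20 fix as the advisory describes it (the global instance goes away), not a claim about the project's exact patch.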
CVSS Score
7.5 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| FreeRADIUS | FreeRADIUS | >= 3.0.0, < 3.0.20 |
| openSUSE | Leap | 15.1 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00039.html (Mailing List, Third Party Advisory)
- https://freeradius.org/security/ (Vendor Advisory)
- https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20 (Release Notes, Third Party Advisory)
FAQ
What is CVE-2019-17185?
CVE-2019-17185 is a vulnerability with a CVSS score of 7.5 (HIGH). In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in...
How severe is CVE-2019-17185?
CVE-2019-17185 has been rated HIGH with a CVSS base score of 7.5/10. The impact described is availability only: concurrent EAP-pwd handshakes crash the server, giving an adversary a denial of service.
Is there a patch for CVE-2019-17185?
Yes. FreeRADIUS 3.0.20 fixes the issue; versions 3.0.0 through 3.0.19 are affected (see the release notes and the vendor advisory in the references above). openSUSE Leap 15.1 is also listed as affected, and the openSUSE security announcement in the references covers its update.