All errata/sisyphus/ALT-PU-2022-2505-2
ALT-PU-2022-2505-2

Package update freeradius in branch sisyphus

Version3.2.0-alt1
Task#305779
Published2026-02-04
Max severityCRITICAL
Severity:

Closed issues (5)

BDU:2024-05180
HIGH7.5

Уязвимость реализации протокола аутентификации RADIUS связана с обходом процедуры аутентификации посредством захвата-воспроизведения (capture-replay) перехваченных сообщений. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ путём подделки аутентификационного ответа

Published: 2024-07-11Modified: 2025-11-19
CVSS 3.xHIGH 7.5
CVSS:3.x/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:A/AC:H/Au:N/C:C/I:C/A:C
References
CVE-2022-41860
HIGH7.5

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.

Published: 2023-01-17Modified: 2025-11-03
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2022-41861
MEDIUM6.5

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

Published: 2023-01-17Modified: 2025-11-03
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
CVE-2024-3596
CRITICAL9.0

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

Published: 2024-07-09Modified: 2025-11-04
CVSS 3.xCRITICAL 9.0
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
GHSA-vhmj-5q9r-mm9g
MEDIUM5.3

BlastRADIUS also affects eduMFA

Published: 2024-07-17
CVSS 3.xMEDIUM 5.3
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS 4.0MEDIUM 5.3
CVSS:4.0/CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
References