Bug 891265 (CVE-2022-41859, CVE-2022-41860, CVE-2022-41861) - <net-dialup/freeradius-3.2.2: multiple vulnerabilities
Summary: <net-dialup/freeradius-3.2.2: multiple vulnerabilities
Status: CONFIRMED
Alias: CVE-2022-41859, CVE-2022-41860, CVE-2022-41861
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa?]
Keywords: PullRequest
Depends on: 898040
Blocks:
Reported: 2023-01-18 04:44 UTC by John Helmert III
Modified: 2023-04-30 23:48 UTC

See Also:
Package list:
Runtime testing required: ---


Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-01-18 04:44:59 UTC
CVE-2022-41859 (https://github.com/FreeRADIUS/freeradius-server/commit/9e5e8f2f):

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CVE-2022-41860 (https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a):

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.

CVE-2022-41861 (https://github.com/FreeRADIUS/freeradius-server/commit/0ec2b39d260e):

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

All have referenced patches, but don't seem to be in any release.
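The bug summary fixes the affected range at everything below net-dialup/freeradius-3.2.2, so the check an administrator wants is whether the installed ebuild version falls under that bound. The script below is an added example, not part of this bug report or of the FreeRADIUS or Gentoo code; it parses Gentoo version strings of the plain numeric form used by every version named in this bug (including the `-rN` ebuild revision), compares them against 3.2.2, and maps affected versions to the three CVE identifiers. The `installed_versions()` helper assumes the default Portage VDB location `/var/db/pkg` and falls back to a constructed sample list when run elsewhere.

```python
from __future__ import annotations

import re
from pathlib import Path

# The three CVEs tracked by this bug and the first fixed version, taken from
# the bug summary "<net-dialup/freeradius-3.2.2" (everything below is affected).
CVES = ("CVE-2022-41859", "CVE-2022-41860", "CVE-2022-41861")
FIXED_VERSION = "3.2.2"

# Dotted numeric version with an optional Gentoo ebuild revision "-rN".
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:-r(\d+))?")


def parse_gentoo_version(version: str) -> tuple[tuple[int, ...], int]:
    """Turn a Gentoo package version such as '3.0.25-r2' into a comparable key.

    The key is (numeric components, ebuild revision); the revision defaults to
    0 when no '-rN' suffix is present.  Only the plain numeric syntax used by
    the versions named in this bug is accepted, so letter and _pre/_rc
    suffixes raise instead of being compared incorrectly.
    """
    match = _VERSION_RE.fullmatch(version)
    if not match:
        raise ValueError(f"unsupported version syntax: {version!r}")
    numbers = tuple(int(part) for part in match.group(1).split("."))
    revision = int(match.group(2) or 0)
    return numbers, revision


def is_affected(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed freeradius version is older than the fixed one."""
    return parse_gentoo_version(installed) < parse_gentoo_version(fixed)


def installed_versions(vdb_root: str = "/var/db/pkg") -> list[str]:
    """List freeradius versions recorded in the Portage VDB.

    Portage keeps one directory per installed package under
    <vdb_root>/<category>/<package>-<version>; only directory names are read,
    so no root privileges are needed.  Assumption: default VDB location.
    """
    pkg_dir = Path(vdb_root) / "net-dialup"
    if not pkg_dir.is_dir():
        return []
    prefix = "freeradius-"
    return sorted(
        p.name[len(prefix):]
        for p in pkg_dir.iterdir()
        # The digit check skips sibling packages such as freeradius-client.
        if p.is_dir() and p.name.startswith(prefix) and p.name[len(prefix):][:1].isdigit()
    )


def audit(versions: list[str]) -> dict[str, dict[str, object]]:
    """Map each version to its status and the CVEs it is still exposed to."""
    report: dict[str, dict[str, object]] = {}
    for version in versions:
        affected = is_affected(version)
        report[version] = {
            "affected": affected,
            "cves": list(CVES) if affected else [],
            "action": "upgrade to >=net-dialup/freeradius-3.2.2" if affected else "patched",
        }
    return report


if __name__ == "__main__":
    # Constructed sample: the versions this bug's commits add and drop, plus the fixed one.
    sample = ["3.0.25-r2", "3.0.26", "3.2.0", "3.2.1", "3.2.2"]
    found = installed_versions() or sample
    for version, status in audit(found).items():
        verdict = "AFFECTED " + ",".join(status["cves"]) if status["affected"] else "ok"
        print(f"net-dialup/freeradius-{version}: {verdict}")
```

Run it on a Gentoo host to audit the live VDB, or anywhere else to see the sample versions classified; every version the commits below add or drop (3.0.25-r2, 3.0.26, 3.2.0, 3.2.1) is reported as affected and 3.2.2 as patched.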
Comment 1 Larry the Git Cow gentoo-dev 2023-02-27 08:31:01 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3ba1ccdbb78b40fc07e108cd7a30f92bbc59d9f

commit b3ba1ccdbb78b40fc07e108cd7a30f92bbc59d9f
Author:     Alarig Le Lay <alarig@swordarmor.fr>
AuthorDate: 2023-02-27 08:28:14 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2023-02-27 08:30:58 +0000

    net-dialup/freeradius: add 3.2.1
    
    Bug: https://bugs.gentoo.org/891265
    Closes: https://bugs.gentoo.org/897082
    Signed-off-by: Alarig Le Lay <alarig@swordarmor.fr>
    Closes: https://github.com/gentoo/gentoo/pull/29342
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 net-dialup/freeradius/Manifest                |   1 +
 net-dialup/freeradius/freeradius-3.2.1.ebuild | 311 ++++++++++++++++++++++++++
 2 files changed, 312 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88befb5372fc96f806de06bef0caca0bf4488b6e

commit 88befb5372fc96f806de06bef0caca0bf4488b6e
Author:     Alarig Le Lay <alarig@swordarmor.fr>
AuthorDate: 2023-02-27 08:27:26 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2023-02-27 08:30:58 +0000

    net-dialup/freeradius: add 3.0.26
    
    Bug: https://bugs.gentoo.org/891265
    Signed-off-by: Alarig Le Lay <alarig@swordarmor.fr>
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 net-dialup/freeradius/Manifest                 |   1 +
 net-dialup/freeradius/freeradius-3.0.26.ebuild | 267 +++++++++++++++++++++++++
 2 files changed, 268 insertions(+)
Comment 2 Joonas Niilola gentoo-dev 2023-02-27 08:35:50 UTC
Well, as I was thinking, maybe just bump to 3.2.2, stabilize that and drop all the older versions.
Comment 3 Larry the Git Cow gentoo-dev 2023-02-27 09:03:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a624ea84bec7bafb42e92db83f493ddf96c35324

commit a624ea84bec7bafb42e92db83f493ddf96c35324
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2023-02-27 09:03:34 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2023-02-27 09:03:51 +0000

    net-dialup/freeradius: add 3.2.2
    
    Bug: https://bugs.gentoo.org/891265
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 net-dialup/freeradius/Manifest                |   1 +
 net-dialup/freeradius/freeradius-3.2.2.ebuild | 309 ++++++++++++++++++++++++++
 2 files changed, 310 insertions(+)
Comment 4 Joonas Niilola gentoo-dev 2023-02-27 09:06:03 UTC
Manually checking the source code, the linked commits are present in the 3.2.2 release.
Comment 5 Larry the Git Cow gentoo-dev 2023-04-20 04:01:07 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b022e526a4edf6aa28f76069f42c7195c21e1e27

commit b022e526a4edf6aa28f76069f42c7195c21e1e27
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2023-04-20 03:58:53 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-04-20 03:58:53 +0000

    net-dialup/freeradius: drop 3.0.25-r2, 3.0.26, 3.2.0, 3.2.1
    
    Bug: https://bugs.gentoo.org/891265
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-dialup/freeradius/Manifest                    |   4 -
 net-dialup/freeradius/freeradius-3.0.25-r2.ebuild | 267 -------------------
 net-dialup/freeradius/freeradius-3.0.26.ebuild    | 267 -------------------
 net-dialup/freeradius/freeradius-3.2.0.ebuild     | 309 ---------------------
 net-dialup/freeradius/freeradius-3.2.1.ebuild     | 311 ----------------------
 5 files changed, 1158 deletions(-)