Variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute with length field is less than 2. It has an impact only when the attacker controls the RADIUS server, which can lead to arbitrary code execution.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | 3.15-community | noarch | accel-ppp | = 1.12.0.141-r3 | UNKNOWN |
Alpine | 3.16-community | noarch | accel-ppp | = 1.12.0.181-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | accel-ppp | = 1.12.0.181-r2 | UNKNOWN |
Alpine | 3.18-community | noarch | accel-ppp | = 1.12.0_git20230404-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | accel-ppp | = 1.12.0_git20230404-r2 | UNKNOWN |