CVE-2022-24705

2022-02-1422:15:08

Google

osv.dev

rad_packet_recv

buffer overflow

radius server

vulnerability

software

remote trigger

AI Score

7.5

Confidence

High

EPSS

0.002

Percentile

61.0%

JSON

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

References

github.com/accel-ppp/accel-ppp/pull/35