CVE-2019-11235

FreeRADIUS before 3.0.19 mishandles the each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used protection mechanism, aka a Dragonblood issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.

Weakness

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Affected Software

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/111.html
• https://cwe.mitre.org/data/definitions/141.html
• https://cwe.mitre.org/data/definitions/142.html
• https://cwe.mitre.org/data/definitions/148.html
• https://cwe.mitre.org/data/definitions/218.html
• https://cwe.mitre.org/data/definitions/384.html
• https://cwe.mitre.org/data/definitions/385.html
• https://cwe.mitre.org/data/definitions/386.html
• https://cwe.mitre.org/data/definitions/387.html
• https://cwe.mitre.org/data/definitions/388.html
• https://cwe.mitre.org/data/definitions/665.html
• https://cwe.mitre.org/data/definitions/701.html

References

• http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00014.html
• http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00032.html
• http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00033.html
• https://access.redhat.com/errata/RHSA-2019:1131
• https://access.redhat.com/errata/RHSA-2019:1142
• https://bugzilla.redhat.com/show_bug.cgi?id=1695748
• https://freeradius.org/release_notes/?br=3.0.x\u0026re=3.0.19
• https://freeradius.org/security/
• https://papers.mathyvanhoef.com/dragonblood.pdf
• https://usn.ubuntu.com/3954-1/
• https://www.kb.cert.org/vuls/id/871675/