CVE-2020-28194
CRITICAL
accel-ppp < 1.12.0-e9d369a - Integer Underflow in RADIUS Vendor-Specific Attribute Handling
Title source: llm
Description
A variable underflow exists in accel-ppp radius/packet.c when receiving a RADIUS vendor-specific attribute whose length field is less than 2. It has an impact only when the attacker controls the RADIUS server, and it can lead to arbitrary code execution.
References (2)
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/accel-ppp/accel-ppp/security/advisories/GHSA-2m44-rh3c-x4gr
Patch, Third Party Advisory x_refsource_misc
https://github.com/accel-ppp/accel-ppp/commit/e9d369aa0054312b7633e964e9f7eb323f1f3d69
Scores
CVSS v3: 9.8
EPSS: 0.0270
EPSS Percentile: 84.0%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-191
Status: published
Products (1): accel-ppp/accel-ppp < 1.12.0-e9d369a
Published: Feb 01, 2021
Tracked Since: Feb 18, 2026