CVE-2022-41860

Name	CVE-2022-41860
Description	In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
References	DLA-3342-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
freeradius (PTS)	buster	3.0.17+dfsg-1.1+deb10u1	vulnerable
	buster (security)	3.0.17+dfsg-1.1+deb10u2	fixed
	bullseye	3.0.21+dfsg-2.2+deb11u1	vulnerable
	bookworm, sid	3.2.1+dfsg-4	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
freeradius	source	buster	3.0.17+dfsg-1.1+deb10u2		DLA-3342-1
freeradius	source	(unstable)	3.2.0+dfsg-1

Notes

[bullseye] - freeradius <no-dsa> (Minor issue)
https://github.com/FreeRADIUS/freeradius-server/commit/f1cdbb33ec61c4a64a32e107d4d02f936051c708 (release_3_0_26)
https://freeradius.org/security/ ("Crash on unknown option in EAP-SIM")