CVE-2023-38321

NameCVE-2023-38321
DescriptionOpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1059451

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
opennds (PTS)bookworm9.10.0-1vulnerable
forky, sid, trixie10.3.1+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openndssource(unstable)10.2.0+dfsg-11059451

Notes

https://github.com/openNDS/openNDS/commit/cd4004fc3cf79c0f2bc0ee98db30d225d0b79bc9 (v10.1.2)
https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2023-006-r3.ashx
While not specifically listed in the commit message, this appears to be the same fix as for CVE-2023-38320/CVE-2023-38322
Search for package or bug name: Reporting problems