Issued:: 2024-07-30
Updated:: 2024-07-30

RHSA-2024:4913 - Security Advisory

Overview
Updated Packages

Synopsis

Important: freeradius:3.0 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network.

Security Fix(es):

freeradius: forgery attack (CVE-2024-3596)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2263240 - CVE-2024-3596 freeradius: forgery attack

CVEs

CVE-2024-3596

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
freeradius-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.src.rpm	SHA-256: ac93e3afc20068d9077c7d25ad7e44a18acc2f19216844b1089192695fd3bdb6
x86_64
freeradius-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 57c4ff14d5c8513fb3b5c2f54aba9fb72d3b0f27cd01c53439e6226536c7cd21
freeradius-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 1d4886fdf7414bec404f7928ae78502f485fc3b9b519f8c07441a802731281a1
freeradius-debugsource-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: f4f31a78a29bd55e849a812d1865ec5f948bb0d1133f438e088691df4a4a142e
freeradius-devel-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 49b9fcfcd96a6bd9847bce841ccdc1759a397270e47049eb41cf93056c0b1f73
freeradius-doc-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: b3e79d371af8592848c3a9501c3bf5a93f479e6b32d64ff4dec252e14534d5f7
freeradius-krb5-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 95b59182113de64e66fe95749b4cac3510b1e4e86d752bcfaf008775f6afbd64
freeradius-krb5-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: bb8dcbcf152eb85ecadea26d521e6378c95984a2072e427848185769ef54bf1d
freeradius-ldap-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: a4b83319e9444eb87d8f366aa82555921acfb4a56ae988a70f52b3fc478d44e3
freeradius-ldap-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: b5c74b6395104aec7a47ac963ecb637f1712ee956ff3d6bf9c660e27be2dbdd1
freeradius-mysql-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 7a1c1017886a8f51cbac7873bf4cb7228100cb7c953da633106d1e32ef462010
freeradius-mysql-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 2e649033d00ae730053ddd8d76633fc44b2f5bed0bf635d82e7875b1389e5e60
freeradius-perl-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 5a89c33c4453d7f5d22fb08cb0713890f11b693c1449b3cc58b584603cd6e4e3
freeradius-perl-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 8a8ebd5d7ee0be550a4aca03ade910e6a8eb9125450eb1d271735f48b1bad9c6
freeradius-postgresql-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 5e702042afbacb3e4a44c920ec3d1ba884db4170b45c23aa1e03ebd5d3ffd78f
freeradius-postgresql-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 11c5e11b7ccd7244aefc7b0a11dce2b03d07b17484b008902720b9812abcba4f
freeradius-rest-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 10fdbc0bc991523aed35be49c1a80063734c945b9a734507f844734485fe0060
freeradius-rest-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 850c2dc2f7284b2643a8e7d1529f901abfb3cb1819b7b825dfbdcfc658e293a1
freeradius-sqlite-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 15fd1e7df8da24baa86c73c3499eebdf7340e86a3a10b5f0ce63e3ab7bf765de
freeradius-sqlite-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 91ebbd6f995dafc34dbb9c0dcff2f68ee57adb049e02d6d438b63ab2af62766c
freeradius-unixODBC-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: c6c76cfc4c8bfeb093147401b8e6b784675b6efe1273036014c9459a981efaa3
freeradius-unixODBC-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: c2a897a77b32bdd56143897211e94b5f0298d42fb6124c7459d42c70d8d5902b
freeradius-utils-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: a0c1d196c9b418fa8e6aeff3e537af60c538e82bf71117ff1afb97e97e63b07c
freeradius-utils-debuginfo-3.0.20-1.module+el8.2.0+22148+b45f7ef2.1.x86_64.rpm	SHA-256: 71a8aeaf3815856cd8e273e6abaa2f368057dbc1a7246cec92b742288c60cb8b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation