FreeRADIUS Security Patches Fix Critical Buffer Overflow Vulnerabilities
ID: 50d41d04-4594-50cd-bd5a-917af9368356
STIX ID: report--50d41d04-4594-50cd-bd5a-917af9368356
Feed Name: securityonline.info
This advisory warns of severe buffer-overflow flaws in the widely deployed FreeRADIUS server that can be triggered without authentication. An attacker can send crafted UDP packets (e.g., a long NAS-Filter-Rule attribute) to crash the service before authentication checks run, and multiple overflows affect EAP-MSCHAPv2, EAP-MD5 and TEAP. The maintainers withheld exploit details because of the risk of automated attacks and tooling, and they urge immediate patching to FreeRADIUS 3.0.28 or 3.2.9 and validation of authentication environments.
