An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
https://access.redhat.com/errata/RHSA-2017:2389
https://access.redhat.com/errata/RHSA-2017:1759
http://www.securitytracker.com/id/1038914
http://www.securityfocus.com/bid/99893