Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-4049

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016042...
MLIST: [quagga-dev] 20160125 ...
MLIST: [quagga-dev] 20160203 ...
SUSE: openSUSE-SU-2016:1313
SECTRACK: 1035699
DEBIAN: DSA-3654
BID: 88561
GENTOO: GLSA-201701-48
REDHAT: RHSA-2017:0794

Launchpad.net

CVE 2016-4049

Related bugs

References