Wind River Support Network

HomeDefectsLIN7-6274

Fixed

LIN7-6274 : Security Advisory - quagga - CVE-2016-4049

Created: May 31, 2016 Updated: Sep 13, 2018

Resolved Date: Apr 22, 2018

Found In Version: 7.0.0.15

Fix Version: 7.0.0.29

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049

Other Downloads

Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-4049