Wind River Support Network

HomeDefectsLIN8-3726

Fixed

LIN8-3726 : Security Advisory - quagga - CVE-2016-4049

Created: May 31, 2016 Updated: Dec 3, 2018

Resolved Date: Mar 15, 2018

Found In Version: 8.0

Fix Version: 8.0.0.26

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049

Other Downloads

Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2016-4049