Debian Security Advisory
DSA-4115-1 quagga -- security update
- Date Reported:
- 15 Feb 2018
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381.
- More information:
Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues:
It was discovered that the Quagga BGP daemon, bgpd, does not properly bounds check data sent with a NOTIFY to a peer, if an attribute length is invalid. A configured BGP peer can take advantage of this bug to read memory from the bgpd process or cause a denial of service (daemon crash).
It was discovered that the Quagga BGP daemon, bgpd, can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes, resulting in a denial of service (bgpd daemon crash).
It was discovered that the Quagga BGP daemon, bgpd, does not properly handle internal BGP code-to-string conversion tables.
It was discovered that the Quagga BGP daemon, bgpd, can enter an infinite loop if sent an invalid OPEN message by a configured peer. A configured peer can take advantage of this flaw to cause a denial of service (bgpd daemon not responding to any other events; BGP sessions will drop and not be reestablished; unresponsive CLI interface).
For the oldstable distribution (jessie), these problems have been fixed in version 0.99.23.1-1+deb8u5.
For the stable distribution (stretch), these problems have been fixed in version 1.1.1-3+deb9u2.
We recommend that you upgrade your quagga packages.
For the detailed security status of quagga please refer to its security tracker page at: https://security-tracker.debian.org/tracker/quagga