Vulnerability & Exploit Database

Back to search

Alpine Linux: CVE-2016-2342: quagga stack-based buffer overflow vulnerability

Severity CVSS Published Added Modified
8 (AV:N/AC:H/Au:N/C:C/I:C/A:C) March 17, 2016 August 30, 2017 January 08, 2018

Description

The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted packet.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

alpine-linux-upgrade-quagga

Related Vulnerabilities