quagga: remote denial of service via BGP UPDATE messages (CVE-2017-16227)
The aspath_put function in bgpd/bgp_aspath.c in Quagga before 1.2.2
allows remote attackers to cause a denial of service (session drop)
via BGP UPDATE messages, because AS_PATH size calculation for long
paths counts certain bytes twice and consequently constructs an invalid
message.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-16227
https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
Patch:
http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008
(from redmine: issue id 8082, created on 2017-10-31, closed on 2017-11-23)
- Relations:
- child #8083 (closed)
- child #8084 (closed)
- child #8085 (closed)
- child #8086 (closed)