PublicDateAtUSN: 2011-10-07
Candidate: CVE-2011-3601
PublicDate: 2014-02-17 16:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3601
 http://www.openwall.com/lists/oss-security/2011/10/06/3
 https://ubuntu.com/security/notices/USN-1257-1
Description:
 Buffer overflow in the process_ra function in the router advertisement
 daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary
 code or cause a denial of service (crash) via a negative value in a
 label_len value.
Ubuntu-Description: 
Notes: 
 mdeslaur> maverick and older don't support ND_OPT_DNSSL_INFORMATION
Bugs: 
Priority: medium
Discovered-by: Vasiliy Kulikov
Assigned-to: mdeslaur
CVSS: 

Patches_radvd:
 upstream: https://github.com/reubenhwk/radvd/commit/9dfaaaf740ce784541e76e68de4ae04dce2c0921
upstream_radvd: released (1.8.2)
hardy_radvd: ignored (reached end-of-life)
lucid_radvd: not-affected (1:1.3-1.1)
maverick_radvd: not-affected (1:1.6-1)
natty_radvd: released (1:1.7-1ubuntu0.1)
oneiric_radvd: released (1:1.8-1ubuntu0.1)
devel_radvd: not-affected (1:1.8-1.2)