Candidate: CVE-2011-3603
PublicDate: 2014-04-27 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3603
 http://www.openwall.com/lists/oss-security/2011/10/06/3
Description:
 The router advertisement daemon (radvd) before 1.8.2 does not properly
 handle errors in the privsep_init function, which causes the radvd daemon
 to run as root and has an unspecified impact.
Ubuntu-Description: 
Notes: 
 mdeslaur> it turns out this had no security impact after all, and the
 mdeslaur> CVE number got rejected. We've fixed the issue anyway, but
 mdeslaur> won't mention it in the USN
Bugs: 
Priority: medium
Discovered-by: Vasiliy Kulikov
Assigned-to: mdeslaur
CVSS: 

Patches_radvd:
 upstream: https://github.com/reubenhwk/radvd/commit/2c50375043186e133f15135f4c93ca964238ee60
 upstream: https://github.com/reubenhwk/radvd/commit/074816cd0b37aac7b3209987e6e998f0a847b275
 upstream: https://github.com/reubenhwk/radvd/commit/7dc53cc3b792775369bf0b2f053a3f4ed5d87e3d
upstream_radvd: released (1.8.2)
hardy_radvd: ignored (reached end-of-life)
lucid_radvd: released (1:1.3-1.1ubuntu0.1)
maverick_radvd: released (1:1.6-1ubuntu0.1)
natty_radvd: released (1:1.7-1ubuntu0.1)
oneiric_radvd: released (1:1.8-1ubuntu0.1)
devel_radvd: not-affected (1:1.8-1.2)