PublicDateAtUSN: 2016-03-17
Candidate: CVE-2016-2342
PublicDate: 2016-03-17 14:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2342
 http://www.kb.cert.org/vuls/id/270232
 http://nongnu.askapache.com//quagga/quagga-1.0.20160309.changelog.txt
 https://ubuntu.com/security/notices/USN-2941-1
Description:
 The bgp_nlri_parse_vpnv4 function in bgp_mplsvpn.c in the VPNv4 NLRI parser
 in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration
 is used, relies on a Labeled-VPN SAFI routes-data length field during a
 data copy, which allows remote attackers to execute arbitrary code or cause
 a denial of service (stack-based buffer overflow) via a crafted packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: high
Discovered-by: Kostya Kortchinsky
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H [8.1 HIGH]

Patches_quagga:
 upstream: http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=a3bc7e9400b214a0f078fdb19596ba54214a1442
upstream_quagga: needed
precise_quagga: released (0.99.20.1-0ubuntu0.12.04.4)
trusty_quagga: released (0.99.22.4-3ubuntu1.1)
trusty/esm_quagga: DNE (trusty was released [0.99.22.4-3ubuntu1.1])
vivid/stable-phone-overlay_quagga: DNE
vivid/ubuntu-core_quagga: DNE
wily_quagga: released (0.99.24.1-2ubuntu0.1)
devel_quagga: released (0.99.24.1-2ubuntu1)