Candidate: CVE-2019-16159
PublicDate: 2019-09-09 15:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16159
 https://gitlab.labs.nic.cz/labs/bird/commit/1657c41c96b3c07d9265b07dd4912033ead4124b (1.6.x)
 https://gitlab.labs.nic.cz/labs/bird/commit/8388f5a7e14108a1458fea35bfbb5a453e2c563c (2.0.x)
 http://bird.network.cz
 http://trubka.network.cz/pipermail/bird-users/2019-September/013718.html
 http://trubka.network.cz/pipermail/bird-users/2019-September/013720.html
 http://trubka.network.cz/pipermail/bird-users/2019-September/013722.html
 https://gitlab.labs.nic.cz/labs/bird/commit/1657c41c96b3c07d9265b07dd4912033ead4124b
 https://gitlab.labs.nic.cz/labs/bird/commit/8388f5a7e14108a1458fea35bfbb5a453e2c563c
Description:
 BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has
 a stack-based buffer overflow. The BGP daemon's support for RFC 8203
 administrative shutdown communication messages included an incorrect
 logical expression when checking the validity of an input message. Sending
 a shutdown communication with a sufficient message length causes a
 four-byte overflow to occur while processing the message, where two of the
 overflow bytes are attacker-controlled and two are fixed.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_bird:
upstream_bird: needs-triage
precise/esm_bird: DNE
trusty_bird: ignored (out of standard support)
trusty/esm_bird: DNE
xenial_bird: not-affected (code not present)
bionic_bird: not-affected (code not present)
disco_bird: ignored (reached end-of-life)
eoan_bird: ignored (reached end-of-life)
focal_bird: not-affected (1.6.8-1)
devel_bird: not-affected (1.6.8-1)