]> git.puffer.fish Git - mirror/frr.git/commit
projects / mirror / frr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7177504) | patch
ospf6d: CVE-2011-3324 (DD LSA assertion)
authorDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 09:18:36 +0000 (13:18 +0400)
committerDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 14:47:06 +0000 (18:47 +0400)
commit09395e2a0e93b2cf4258cb1de91887948796bb68
tree771622102161a372b45f730bd48ab23e69676350tree | snapshot
parent717750433839762d23a5f8d88fe0b4d57c8d490acommit | diff
ospf6d: CVE-2011-3324 (DD LSA assertion)

This vulnerability (CERT-FI #514839) was reported by CROSS project.

When Database Description LSA header list contains trailing zero octets,
ospf6d tries to process this data as an LSA header. This triggers an
assertion in the code and ospf6d shuts down.

* ospf6_lsa.c
  * ospf6_lsa_is_changed(): handle header-only argument(s)
    appropriately, do not treat LSA length underrun as a fatal error.
ospf6d/ospf6_lsa.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.