]> git.puffer.fish Git - mirror/frr.git/commit
projects / mirror / frr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1f54cef) | patch
ospf6d: CVE-2011-3324 (DD LSA assertion)
authorDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 09:18:36 +0000 (13:18 +0400)
committerDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 14:40:30 +0000 (18:40 +0400)
commit308687b7d73c5cacf927a3a33efbfaea627ccc09
tree5a6892a966b268e278e24f610322e1404216b730tree | snapshot
parent1f54cef38dab072f1054c6cfedd9ac32af14a120commit | diff
ospf6d: CVE-2011-3324 (DD LSA assertion)

This vulnerability (CERT-FI #514839) was reported by CROSS project.

When Database Description LSA header list contains trailing zero octets,
ospf6d tries to process this data as an LSA header. This triggers an
assertion in the code and ospf6d shuts down.

* ospf6_lsa.c
  * ospf6_lsa_is_changed(): handle header-only argument(s)
    appropriately, do not treat LSA length underrun as a fatal error.
ospf6d/ospf6_lsa.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.