]> git.puffer.fish Git - mirror/frr.git/commit
projects / mirror / frr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 61ab030) | patch
ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)
authorDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 09:18:02 +0000 (13:18 +0400)
committerDenis Ovsienko <infrastation@yandex.ru>
Mon, 26 Sep 2011 14:46:54 +0000 (18:46 +0400)
commit717750433839762d23a5f8d88fe0b4d57c8d490a
treeaea292ef6dab658197d1df6c9a5bf3f3925013adtree | snapshot
parent61ab0301606053192f45c188bc48afc837518770commit | diff
ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)

This vulnerability (CERT-FI #514838) was reported by CROSS project.

The error is reproducible only when ospfd debugging is enabled:
  * debug ospf packet all
  * debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.

* ospf_packet.c
  * ospf_verify_header(): add type field check
  * ospf_read(): perform input checks early
ospfd/ospf_packet.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.