CVE-2017-16227

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A denial of service flaw was found in the way the bgpd daemon in quagga before 1.2.2 handled the processing of large BGP update messages. A remote, previously trusted attacker could potentially use this flaw to cause bgpd to terminate existing BGP sessions, thereby leading to denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-481 quagga 1.2.1-2 1.2.2-1 Medium Fixed FS#56250
Date Advisory Group Package Severity Description
13 Dec 2017 ASA-201712-7 AVG-481 quagga Medium denial of service
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879474
https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008