CVE-2017-16227 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	A denial of service flaw was found in the way the bgpd daemon in quagga before 1.2.2 handled the processing of large BGP update messages. A remote, previously trusted attacker could potentially use this flaw to cause bgpd to terminate existing BGP sessions, thereby leading to denial of service.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-481	quagga	1.2.1-2	1.2.2-1	Medium	Fixed	FS#56250

Date	Advisory	Group	Package	Severity	Type
13 Dec 2017	ASA-201712-7	AVG-481	quagga	Medium	denial of service

References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879474 https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008

References

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879474
https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
https://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008