SB2018022246 - Fedora 27 update for quagga

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018022246

SB2018022246 - Fedora 27 update for quagga

Published: February 22, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018022246
CSH Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Double free memory error (CVE-ID: CVE-2018-5379)

CWE-ID: CWE-415 - Double Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the Quagga BGP daemon due to double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A remote attacker can supply specially crafted input, trigger bqpd to crash and execute arbitrary code.

2) Infinite loop (CVE-ID: CVE-2018-5381)

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the Quagga BGP daemon due to improper handling of invalid OPEN messages. A remote attacker can trigger infinite loop and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Out-of-bounds read (CVE-ID: CVE-2018-5380)

CWE-ID: CWE-125 - Out-of-bounds read

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists in the Quagga BGP daemon due to out-of-bounds read. A remote attacker send a specially crafted input, overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value and read arbitrary data or cause a denial of service.

4) Memory corruption (CVE-ID: CVE-2018-5378)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the Quagga BGP daemon due to failure to properly bounds check data sent with a NOTIFY to a peer by the Quagga BGP daemon, bgpd. A remote attacker can send specially crafted input and cause the bgpd process or the daemon to crash.

Remediation

Install update from vendor's website.

References