diff options
author | Denis Ovsienko <infrastation@yandex.ru> | 2011-09-26 13:18:36 +0400 |
---|---|---|
committer | Denis Ovsienko <infrastation@yandex.ru> | 2011-09-26 18:47:06 +0400 |
commit | 09395e2a0e93b2cf4258cb1de91887948796bb68 (patch) | |
tree | 771622102161a372b45f730bd48ab23e69676350 /ospf6d/ospf6_message.h | |
parent | 717750433839762d23a5f8d88fe0b4d57c8d490a (diff) |
ospf6d: CVE-2011-3324 (DD LSA assertion)
This vulnerability (CERT-FI #514839) was reported by CROSS project.
When Database Description LSA header list contains trailing zero octets,
ospf6d tries to process this data as an LSA header. This triggers an
assertion in the code and ospf6d shuts down.
* ospf6_lsa.c
* ospf6_lsa_is_changed(): handle header-only argument(s)
appropriately, do not treat LSA length underrun as a fatal error.
Diffstat (limited to 'ospf6d/ospf6_message.h')
0 files changed, 0 insertions, 0 deletions