diff options
| author | Denis Ovsienko <infrastation@yandex.ru> | 2011-09-26 13:18:02 +0400 | 
|---|---|---|
| committer | Denis Ovsienko <infrastation@yandex.ru> | 2011-09-26 18:40:19 +0400 | 
| commit | 1f54cef38dab072f1054c6cfedd9ac32af14a120 (patch) | |
| tree | 6aceeb8772c8ba088b387d7fdcdc771899788fce /redhat/.cvsignore | |
| parent | 3d3380d4fda43924171bc0866746c85634952c99 (diff) | |
ospfd: CVE-2011-3325 part 2 (OSPF pkt type segv)
This vulnerability (CERT-FI #514838) was reported by CROSS project.
The error is reproducible only when ospfd debugging is enabled:
  * debug ospf packet all
  * debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.
* ospf_packet.c
  * ospf_verify_header(): add type field check
  * ospf_read(): perform input checks early
Diffstat (limited to 'redhat/.cvsignore')
0 files changed, 0 insertions, 0 deletions
