
Bug 647788 (CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381)

Summary: <net-misc/quagga-1.2.4: multiple vulnerabilities (CVE-2018-{5378,5379,5380,5381})
Product: Gentoo Security
Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
CC: pinkbyte
Priority: High
Flags: stable-bot: sanity-check+
Version: unspecified
Hardware: All
OS: Linux
URL: https://savannah.nongnu.org/forum/forum.php?forum_id=9095
Whiteboard: B1 [glsa+ cve]
Package list:
=net-misc/quagga-1.2.4
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-02-16 00:18:26 UTC
CVE-2018-5381 (https://nvd.nist.gov/vuln/detail/CVE-2018-5381):
  The Quagga BGP daemon, bgpd, had a bug in its parsing of "Capabilities" in
  BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function.
  The parser can enter an infinite loop on invalid capabilities if a
  Multi-Protocol capability does not have a recognized AFI/SAFI.

CVE-2018-5380 (https://nvd.nist.gov/vuln/detail/CVE-2018-5380):
  The Quagga BGP daemon, bgpd, can overrun internal BGP code-to-string
  conversion tables used for debug by 1 pointer value, based on input.

CVE-2018-5379 (https://nvd.nist.gov/vuln/detail/CVE-2018-5379):
  The Quagga BGP daemon, bgpd, can double-free memory when processing certain
  forms of UPDATE message, containing cluster-list and/or unknown attributes.

CVE-2018-5378 (https://nvd.nist.gov/vuln/detail/CVE-2018-5378):
  The Quagga BGP daemon, bgpd, does not properly bounds check the data sent
  with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data
  from the bgpd process may be sent over the network to a peer and/or it may
  crash.
Comment 2 Sergey Popov gentoo-dev 2018-02-20 11:26:07 UTC
commit 1f64762ca074542f9da3dc71e84b0d68c75dca06
Author: Sergey Popov <pinkbyte@gentoo.org>
Date:   Tue Feb 20 14:24:22 2018 +0300

    net-misc/quagga: version bump

    Gentoo-Bug: 647788
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

Arches, please test and mark stable =net-misc/quagga-1.2.2

Target keywords: alpha amd64 arm hppa ppc sparc x86
Comment 3 Sergey Popov gentoo-dev 2018-02-20 11:26:45 UTC
Sorry, messed up with last message. Here we go again:

Arches, please test and mark stable =net-misc/quagga-1.2.4

Target keywords: alpha amd64 arm hppa ppc sparc x86
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2018-02-21 03:03:02 UTC
x86 stable
Comment 5 Agostino Sarubbo gentoo-dev 2018-02-22 09:10:59 UTC
amd64 stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-23 22:07:26 UTC
commit 301bc5994e8d45b27b11d6f9e86b15b43773b9af
Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Fri Feb 23 08:57:23 2018 +0100

    net-misc/quagga: stable 1.2.4 for sparc, bug #647788
Comment 7 Sergei Trofimovich (RETIRED) gentoo-dev 2018-02-26 07:18:20 UTC
hppa stable
Comment 8 Tobias Klausmann (RETIRED) gentoo-dev 2018-03-05 13:58:23 UTC
Stable on alpha.
Comment 9 Markus Meier gentoo-dev 2018-03-06 19:39:32 UTC
arm stable
Comment 10 Larry the Git Cow gentoo-dev 2018-04-20 06:57:41 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ad20b92a458e8c7d8dd5a48a9e23eec7b07faff

commit 5ad20b92a458e8c7d8dd5a48a9e23eec7b07faff
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-20 06:56:32 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-20 06:56:32 +0000

    net-misc/quagga: stable 1.2.4 for ppc, bug #647788
    
    Bug: https://bugs.gentoo.org/647788
    Package-Manager: Portage-2.3.28, Repoman-2.3.9
    RepoMan-Options: --include-arches="ppc"

 net-misc/quagga/quagga-1.2.4.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2018-04-20 13:52:14 UTC
GLSA request filed.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2018-04-22 22:36:50 UTC
This issue was resolved and addressed in
 GLSA 201804-17 at https://security.gentoo.org/glsa/201804-17
by GLSA coordinator Aaron Bauman (b-man).