Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 607212 (CVE-2017-5495) - <net-misc/quagga-1.1.1: Telnet interface input buffer allocates unbounded amounts of memory (CVE-2017-5495)
Summary: <net-misc/quagga-1.1.1: Telnet interface input buffer allocates unbounded amo...
Status: RESOLVED FIXED
Alias: CVE-2017-5495
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: http://savannah.nongnu.org/forum/foru...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-25 18:40 UTC by Francis Booth
Modified: 2017-02-22 08:42 UTC (History)
1 user (show)

See Also:
Package list:
=net-misc/quagga-1.1.1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Francis Booth 2017-01-25 18:40:52 UTC
A vulnerability was found in quagga. Telnet interface input buffer allocates unbounded amounts of memory which leads to Denial-of-service.

References:

http://savannah.nongnu.org/forum/forum.php?forum_id=8783
http://mirror.easyname.at/nongnu//quagga/quagga-1.1.1.changelog.txt

Reproducible: Always
Comment 1 Sergey Popov gentoo-dev Security 2017-02-02 14:42:30 UTC
commit 2ce2743ed3ab62ba5328e3da9075a7ce380af264
Author: Sergey Popov <pinkbyte@gentoo.org>
Date:   Thu Feb 2 17:40:09 2017 +0300

    net-misc/quagga: version bump

    Gentoo-Bug: 607212

    Package-Manager: portage-2.3.3


Arches, please test and mark stable =net-misc/quagga-1.1.1

Target keywords: alpha amd64 arm hppa ppc sparc x86
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-02-02 14:42:52 UTC
CVE-2017-5495 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5495):
  All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded
  memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of
  Quagga daemons, or even the entire host. When Quagga daemons are configured
  with their telnet CLI enabled, anyone who can connect to the TCP ports can
  trigger this vulnerability, prior to authentication. Most distributions
  restrict the Quagga telnet interface to local access only by default. The
  Quagga telnet interface 'vty' input buffer grows automatically, without
  bound, so long as a newline is not entered. This allows an attacker to cause
  the Quagga daemon to allocate unbounded memory by sending very long strings
  without a newline. Eventually the daemon is terminated by the system, or the
  system itself runs out of memory. This is fixed in Quagga 1.1.1 and Free
  Range Routing (FRR) Protocol Suite 2017-01-10.
Comment 3 Jeroen Roovers gentoo-dev 2017-02-03 22:00:24 UTC
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2017-02-04 15:23:04 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2017-02-12 15:46:10 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2017-02-12 17:02:31 UTC
ppc stable
Comment 7 Markus Meier gentoo-dev 2017-02-12 20:09:21 UTC
arm stable
Comment 8 Tobias Klausmann gentoo-dev 2017-02-15 13:51:58 UTC
Stable on alpha.
Comment 9 Agostino Sarubbo gentoo-dev 2017-02-17 10:59:06 UTC
sparc stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 10 Thomas Deutschmann gentoo-dev Security 2017-02-17 11:07:44 UTC
GLSA Vote: No

@ Maintainer(s): Please cleanup and drop =net-misc/quagga-1.1.0-r2!
Comment 11 Sergey Popov gentoo-dev Security 2017-02-22 08:42:16 UTC
Cleanup is done, marking this as FIXED