Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 16.10: 3110-1 Moderate: Quagga Network Crash Risk

Calendar Oct 25, 2016 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service quagga ubuntu network crash
Quagga could be made to crash if it received specially crafted network traffic. 
=========================================================================Ubuntu Security Notice USN-3110-1
October 25, 2016

quagga vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Quagga could be made to crash if it received specially crafted network
traffic.

Software Description:
- quagga: BGP/OSPF/RIP routing daemon

Details:

David Lamparter discovered that Quagga incorrectly handled certain IPv6
router advertisements. A remote attacker could possibly use this issue to
cause Quagga to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  quagga                          1.0.20160315-2ubuntu0.1

Ubuntu 16.04 LTS:
  quagga                          0.99.24.1-2ubuntu1.2

Ubuntu 14.04 LTS:
  quagga                          0.99.22.4-3ubuntu1.3

Ubuntu 12.04 LTS:
  quagga                          0.99.20.1-0ubuntu0.12.04.6

After a standard system update you need to restart Quagga to make all the
necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3110-1
  CVE-2016-1245

Package Information:
  https://launchpad.net/ubuntu/+source/quagga/1.0.20160315-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.2
  https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.3
  https://launchpad.net/ubuntu/+source/quagga/0.99.20.1-0ubuntu0.12.04.6

Ubuntu 16.10: 3110-1 Moderate: Quagga Network Crash Risk

ubuntu
Calendar Grey October 25, 2016
Dist Ubuntu Esm H88
Quagga issue resolved in Ubuntu versions 16.10 down to 12.04, impacting system reliability due to malicious network packets.
Quagga could be made to crash if it received specially crafted network traffic.

Summary

Topics%20covered

Topics Covered

security advisory denial of service quagga ubuntu network crash

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.10: quagga 1.0.20160315-2ubuntu0.1 Ubuntu 16.04 LTS: quagga 0.99.24.1-2ubuntu1.2 Ubuntu 14.04 LTS: quagga 0.99.22.4-3ubuntu1.3 Ubuntu 12.04 LTS: quagga 0.99.20.1-0ubuntu0.12.04.6 After a standard system update you need to restart Quagga to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3110-1

CVE-2016-1245

October 25, 2016

Topics%20covered

Topics Covered

security advisory denial of service quagga ubuntu network crash

Package Information

https://launchpad.net/ubuntu/+source/quagga/1.0.20160315-2ubuntu0.1 https://launchpad.net/ubuntu/+source/quagga/0.99.24.1-2ubuntu1.2 https://launchpad.net/ubuntu/+source/quagga/0.99.22.4-3ubuntu1.3 https://launchpad.net/ubuntu/+source/quagga/0.99.20.1-0ubuntu0.12.04.6

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here