Buffer overflow in Litech Router_advertisement_daemon

CVE-2011-3601

Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.

Vulnerability class: Buffer Overflow

EPSS: 0.019 (83.5th percentile) — read the EPSS interpretation.

Affected products

Litech Router_advertisement_daemon
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

[oss-security] 20111007 radvd 1.8.2 released with security fixes (mailing-list, x_refsource_MLIST)
secalert@redhat.com (x_refsource_CONFIRM)
USN-1257-1 (x_refsource_UBUNTU, vendor-advisory)