CESA-2018:0377 -- centos 7 quaggaID: oval:org.secpod.oval:def:204760 | Date: (C)2018-03-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector. Security Fix: * quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank the Quagga project for reporting this issue.