Bug 789834 (CVE-2012-5521) - VUL-2: quagga: quagga (ospf6d): Assertion failure when removing routes (retrieving information which route to remove)
Status: RESOLVED INVALID
Alias: CVE-2012-5521
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium, Severity: Normal
Target Milestone: ---
Deadline: 2013-09-02
Assignee: Security Team bot
QA Contact: Security Team bot
Whiteboard: maint:running:50109:moderate maint:ru...
Reported: 2012-11-15 16:17 UTC by Marcus Meissner
Modified: 2020-04-02 02:25 UTC

Description Marcus Meissner 2012-11-15 16:17:37 UTC
is public, via oss-sec

CVE-2012-5521

From: Jan Lieskovsky <jlieskov@redhat.com>
Date: Tue, 13 Nov 2012 09:48:59 -0500 (EST)
Subject: [oss-security] CVE Request -- quagga (ospf6d): Assertion failure when removing routes (retrieving information which route to remove)

Hello Kurt, Steve, vendors,

  Marco d'Itri in Debian bug [1] has reported the following deficiency,
being present in 0.99.21 and possibly earlier versions of the Quagga 
routing suite:

A denial of service flaw was found in the way Quagga's ospf6d daemon
performed routes removal. In certain circumstances when removing the
route the ospf6d daemon terminated with assertion failure when trying
to determine / find, which route to remove. An OSPF6 router could use
this flaw to cause ospf6d on an adjacent router to abort.

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693102
[2] https://bugzilla.redhat.com/show_bug.cgi?id=876197

Upstream bug report:
[3] https://bugzilla.quagga.net/show_bug.cgi?id=747

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
Comment 1 Swamp Workflow Management 2012-11-15 16:18:19 UTC
The SWAMPID for this issue is 50109.
This issue was rated as moderate.
Please submit fixed packages until 2012-11-29.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 2 Swamp Workflow Management 2012-11-15 23:00:40 UTC
bugbot adjusting priority
Comment 4 Marcus Meissner 2012-11-28 10:34:53 UTC
I tried to make sense of the code and why it crashes ... but with just the backtrace it is hard for me either.

(canceling swamp until we have a valid fix)
Comment 5 Swamp Workflow Management 2013-08-19 08:27:25 UTC
The SWAMPID for this issue is 54111.
This issue was rated as moderate.
Please submit fixed packages until 2013-09-02.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 7 Johannes Segitz 2015-03-10 12:57:11 UTC
The upstream bug is still UNCONFIRMED and there is no patch. We'll close this for now. The bug was mentioned in the SWAMP and no further information is available.