SUSE CVE-2018-5379

The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...

Quagga BGP Daemon bgp_update_receive Double Free (CVE-2018-5379)

A double free vulnerability has been reported in Quagga BGP Daemon. The vulnerability is due to improper handling of cluster list and unknown attributes. A remote attacker can exploit this vulnerability by sending a crafted BGP UPDATE message to the target server...

CVE-2018-5379

The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...

FreeBSD : quagga -- several security issues (e15a22ce-f16f-446b-9ca7-6859350c2e75)

Quagga reports : The Quagga BGP daemon, bgpd, does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or it may crash. The Quagga BGP daemon, bgpd, can double-free memo...

UBUNTU-CVE-2018-5379

The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...

CVE-2018-5379

The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...