CVE-2011-3601

Name of the Vulnerable Software and Affected Versions radvd versions prior to 1.8.2

Description The issue is related to a buffer overflow in the process ra function of the router advertisement daemon (radvd). This can be exploited by remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label len value. Multiple vulnerabilities in the radvd package before version 1.8.2 can lead to breaches of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For versions prior to 1.8.2, update to version 1.8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the radvd service to minimize the risk of exploitation. Avoid using the label len value in the affected function until the issue is resolved.