Martin Winter

**Name of the Vulnerable Software and Affected Versions** Quagga versions prior to 0.99.20.1 Quagga versions prior to 0.99.22.4 **Description** The issue is related to a buffer overflow in the ospf ls upd list lsa function in ospf packet.c in the OSPFv2 implementation in ospfd. This can be exploited by remote attackers via a Link State Update packet that is smaller than the length specified in its header, leading to a denial of service. Multiple vulnerabilities in the Quagga package can also lead to disruption of confidentiality, integrity, and availability of protected information, and can be exploited remotely. **Recommendations** For Quagga versions prior to 0.99.20.1, update to version 0.99.20.1 or later. For Quagga versions prior to 0.99.22.4, update to version 0.99.22.4 or later. As a temporary workaround, consider restricting access to the OSPFv2 implementation to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Quagga versions prior to 0.99.20.1 Quagga versions prior to 0.99.22.4 **Description** The issue concerns multiple vulnerabilities in the Quagga package, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service (daemon crash) via a Link State Update packet. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Quagga versions prior to 0.99.20.1, update to version 0.99.20.1 or later to resolve the issue. For Quagga versions prior to 0.99.22.4, update to version 0.99.22.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the OSPFv2 implementation in ospfd to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Quagga versions prior to 0.99.20.1 Quagga versions prior to 0.99.22.4 **Description** The issue concerns multiple vulnerabilities in the Quagga package, which can lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. The BGP implementation in bgpd does not properly use message buffers for OPEN messages, allowing remote attackers to cause a denial of service via a message associated with a malformed Four-octet AS Number Capability. **Recommendations** For Quagga versions prior to 0.99.20.1, update to version 0.99.20.1 or later to resolve the issue. For Quagga versions prior to 0.99.22.4, update to version 0.99.22.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the BGP implementation in bgpd to minimize the risk of exploitation.