CVE-2011-3603
Published: 27 April 2014
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
Notes
| Author | Note |
|---|---|
| mdeslaur | it turns out this had no security impact after all, and the CVE number got rejected. We've fixed the issue anyway, but won't mention it in the USN |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
radvd Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
| lucid |
Released
(1:1.3-1.1ubuntu0.1)
|
|
| maverick |
Released
(1:1.6-1ubuntu0.1)
|
|
| natty |
Released
(1:1.7-1ubuntu0.1)
|
|
| oneiric |
Released
(1:1.8-1ubuntu0.1)
|
|
| upstream |
Released
(1.8.2)
|
|
|
Patches: upstream: https://github.com/reubenhwk/radvd/commit/2c50375043186e133f15135f4c93ca964238ee60 upstream: https://github.com/reubenhwk/radvd/commit/074816cd0b37aac7b3209987e6e998f0a847b275 upstream: https://github.com/reubenhwk/radvd/commit/7dc53cc3b792775369bf0b2f053a3f4ed5d87e3d |
||