CVE-2011-3603

Publication date 27 April 2014

Last updated 24 July 2024

Ubuntu priority

The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
radvd	11.10 oneiric	Fixed 1:1.8-1ubuntu0.1
	11.04 natty	Fixed 1:1.7-1ubuntu0.1
	10.10 maverick	Fixed 1:1.6-1ubuntu0.1
	10.04 LTS lucid	Fixed 1:1.3-1.1ubuntu0.1
	8.04 LTS hardy	Ignored end of life

How can I get the fixes?
What do statuses mean?
Patch details

Notes

mdeslaur

it turns out this had no security impact after all, and the CVE number got rejected. We’ve fixed the issue anyway, but won’t mention it in the USN

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
radvd	Upstream: 2c50375 Upstream: 074816c Upstream: 7dc53cc

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.openwall.com/lists/oss-security/2011/10/06/3
https://www.cve.org/CVERecord?id=CVE-2011-3603