CVE-2011-3603
Published: 27 April 2014
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact.
Notes
Author | Note |
---|---|
mdeslaur | it turns out this had no security impact after all, and the CVE number got rejected. We've fixed the issue anyway, but won't mention it in the USN |
Priority
Status
Package | Release | Status |
---|---|---|
radvd Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(1:1.3-1.1ubuntu0.1)
|
|
maverick |
Released
(1:1.6-1ubuntu0.1)
|
|
natty |
Released
(1:1.7-1ubuntu0.1)
|
|
oneiric |
Released
(1:1.8-1ubuntu0.1)
|
|
upstream |
Released
(1.8.2)
|
|
Patches: upstream: https://github.com/reubenhwk/radvd/commit/2c50375043186e133f15135f4c93ca964238ee60 upstream: https://github.com/reubenhwk/radvd/commit/074816cd0b37aac7b3209987e6e998f0a847b275 upstream: https://github.com/reubenhwk/radvd/commit/7dc53cc3b792775369bf0b2f053a3f4ed5d87e3d |