Critical severity9.8NVD Advisory· Published Feb 22, 2017· Updated Jun 17, 2026
CVE-2016-1245
CVE-2016-1245
Description
It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*range: <=1.0.20160315
- (no CPE)range: <1.0.20161017
- osv-coords14 versionspkg:rpm/opensuse/quagga&distro=openSUSE%20Tumbleweedpkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 1.0.20160315-5.1+ 13 more
- (no CPE)range: < 1.0.20160315-5.1
- (no CPE)range: < 0.99.15-0.29.1
- (no CPE)range: < 0.99.22.1-15.1
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 0.99.15-0.29.1
- (no CPE)range: < 0.99.22.1-15.1
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 0.99.15-0.29.1
- (no CPE)range: < 0.99.22.1-15.1
- (no CPE)range: < 1.1.1-17.3.3
- (no CPE)range: < 1.1.1-17.3.3
Patches
Vulnerability mechanics
References
7- github.com/Quagga/quagga/commit/cfb1fae25f8c092e0d17073eaf7bd428ce1cd546nvdPatchThird Party Advisory
- www.gossamer-threads.com/lists/quagga/users/31952nvdMailing ListMitigationThird Party Advisory
- www.securityfocus.com/bid/93775nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- www.debian.org/security/2016/dsa-3695nvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2017-0794.htmlnvd
- security.gentoo.org/glsa/201701-48nvd
News mentions
0No linked articles in our index yet.