High severity7.5NVD Advisory· Published May 23, 2016· Updated Jun 17, 2026
CVE-2016-4049
CVE-2016-4049
Description
The bgp_dump_routes_func function in bgpd/bgp_dump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service (assertion failure and daemon crash) via a large BGP packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:quagga:quagga:-:*:*:*:*:*:*:*
- (no CPE)
- osv-coords10 versionspkg:rpm/opensuse/quagga&distro=openSUSE%20Tumbleweedpkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 1.0.20160315-5.1+ 9 more
- (no CPE)range: < 1.0.20160315-5.1
- (no CPE)range: < 0.99.15-0.24.2
- (no CPE)range: < 0.99.22.1-12.1
- (no CPE)range: < 0.99.22.1-12.1
- (no CPE)range: < 0.99.15-0.24.2
- (no CPE)range: < 0.99.22.1-12.1
- (no CPE)range: < 0.99.22.1-12.1
- (no CPE)range: < 0.99.15-0.24.2
- (no CPE)range: < 0.99.22.1-12.1
- (no CPE)range: < 0.99.22.1-12.1
Patches
Vulnerability mechanics
References
9- lists.opensuse.org/opensuse-updates/2016-05/msg00062.htmlnvd
- rhn.redhat.com/errata/RHSA-2017-0794.htmlnvd
- www.debian.org/security/2016/dsa-3654nvd
- www.openwall.com/lists/oss-security/2016/04/27/7nvd
- www.securityfocus.com/bid/88561nvd
- www.securitytracker.com/id/1035699nvd
- lists.quagga.net/pipermail/quagga-dev/2016-February/014743.htmlnvd
- lists.quagga.net/pipermail/quagga-dev/2016-January/014699.htmlnvd
- security.gentoo.org/glsa/201701-48nvd
News mentions
0No linked articles in our index yet.