CVE-2013-2236

N/A Unknown
Published: October 24, 2013 Modified: April 29, 2026
View on NVD

Description

Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers to cause a denial of service (crash) via a large LSA.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=3f872fe60463a931c5c766dbf8c36870c0023e88
Source: secalert@redhat.com
http://lists.quagga.net/pipermail/quagga-dev/2013-July/010622.html
Source: secalert@redhat.com
http://nongnu.mirrors.hostinginnederland.nl//quagga/quagga-0.99.22.3.changelog.txt
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2017-0794.html
Source: secalert@redhat.com
http://seclists.org/oss-sec/2013/q3/24
Source: secalert@redhat.com
http://www.debian.org/security/2013/dsa-2803
Source: secalert@redhat.com
http://www.securityfocus.com/bid/60955
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-2941-1
Source: secalert@redhat.com
http://git.savannah.gnu.org/gitweb/?p=quagga.git%3Ba=commitdiff%3Bh=3f872fe60463a931c5c766dbf8c36870c0023e88
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.quagga.net/pipermail/quagga-dev/2013-July/010622.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://nongnu.mirrors.hostinginnederland.nl//quagga/quagga-0.99.22.3.changelog.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2017-0794.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/oss-sec/2013/q3/24
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2013/dsa-2803
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/60955
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2941-1
Source: af854a3a-2127-422b-91ae-364da2661108

16 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.0%
77th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

quagga

Related CVEs

CVE-2026-8108 7.8
CVE-2026-5371 7.1
CVE-2026-44548 8.1
CVE-2026-44547 9.6
CVE-2026-44352 N/A