BSA-2017-450

Brocade Fabric OS

2 more products

21651

24 December 2018

17 November 2017

Closed

Low

8.8

N/A

CVE-2017-14492

Summary

Security Advisory ID : BSA-2017-450

Component : IPV6RA

Revision : 2.0: Final

A heap buffer overflow was discovered in dnsmasq in the IPv6 router advertisement (RA) handling code. An attacker on the local network segment could send crafted RAs to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. This issue only affected configurations using one of these options: enable-ra, ra-only, slaac, ra-names, ra-advrouter, or ra-stateless.

Affected Products

No Brocade Fibre Channel technology products from Broadcom are currently known to be affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version Change Date
1.0 Initial Publication November 17, 2017
2.0 Updated for Fibre Channel Only December 24, 2018