CVE-2011-3601

Name	CVE-2011-3601
Description	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative value in a label_len value.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-2323-1
Debian Bugs	644614

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
radvd (PTS)	bullseye	1:2.18-3	fixed
	bookworm	1:2.19-1	fixed
	sid, trixie	1:2.19-2.1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
radvd	source	lenny	1:1.1-3.1	DSA-2323-1
radvd	source	squeeze	1:1.6-1.1	DSA-2323-1
radvd	source	(unstable)	1:1.8-1.2		644614

Notes

[squeeze] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
[lenny] - radvd <not-affected> (No support for ND_OPT_DNSSL_INFORMATION)
http://seclists.org/oss-sec/2011/q4/30