radvd: Multiple vulnerabilities
Gentoo Linux Security Advisory
||GLSA 201111-08 / radvd
||November 20, 2011
||November 20, 2011: 1
All supported architectures
Multiple vulnerabilities have been found in radvd which could
potentially lead to privilege escalation, data loss, or a Denial of
radvd is an IPv6 router advertisement daemon for Linux and BSD.
Multiple vulnerabilities have been discovered in radvd. Please review
the CVE identifiers referenced below for details.
A remote unauthenticated attacker may be able to gain escalated
privileges, escalate the privileges of the radvd process, overwrite files
with specific names, or cause a Denial of Service. Local attackers may be
able to overwrite the contents of arbitrary files using symlinks.
There is no known workaround at this time.
All radvd users should upgrade to the latest stable version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/radvd-1.8.2"