[Buildroot] [PATCH 1/1] package/snort: security bump to version 2.9.18.1
Peter Korsgaard
peter at korsgaard.com
Mon Nov 8 15:04:17 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2021-40114: Multiple Cisco products are affected by a
> vulnerability in the way the Snort detection engine processes ICMP
> traffic that could allow an unauthenticated, remote attacker to cause a
> denial of service (DoS) condition on an affected device. The
> vulnerability is due to improper memory resource management while the
> Snort detection engine is processing ICMP packets. An attacker could
> exploit this vulnerability by sending a series of ICMP packets through
> an affected device. A successful exploit could allow the attacker to
> exhaust resources on the affected device, causing the device to reload.
> https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU
> https://www.snort.org/downloads/snort/changelog_2.9.18.1.txt
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2021.02.x and 2021.08.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list