CVE-2018-12066

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-12066

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-12066.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-12066

Downstream

DEBIAN-CVE-2018-12066

UBUNTU-CVE-2018-12066

Published

2018-06-08T14:29:00Z

Modified

2025-10-21T08:55:04.948220Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a denial of service (stack consumption and daemon crash) via BGP mask expressions in birdc.

References

Affected packages

Git / gitlab.labs.nic.cz/labs/bird

Affected ranges

Type: GIT
Repo: https://gitlab.labs.nic.cz/labs/bird
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f77fb3f00e2d628224c5397f2ad0198026d4290a

Affected versions

v1.*

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.10

v1.3.11

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.6.0

v1.6.1

v1.6.2

v1.6.3

Git / gitlab.nic.cz/labs/bird

Affected ranges

Type: GIT
Repo: https://gitlab.nic.cz/labs/bird
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e8bc64e308586b6502090da2775af84cd760ed0d

Affected versions

v1.*

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.10

v1.3.11

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.5.0

v1.6.0

v1.6.1

v1.6.2

v1.6.3

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "target": {
            "file": "nest/a-path.c",
            "function": "as_path_match"
        },
        "id": "CVE-2018-12066-2fbb22f9",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "146601362555529428225448846009350976172",
            "length": 1034.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "target": {
            "file": "filter/filter.c",
            "function": "i_same"
        },
        "id": "CVE-2018-12066-3f59bfba",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "328122108357130587580737899718518771421",
            "length": 2771.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "target": {
            "file": "filter/filter.c",
            "function": "interpret"
        },
        "id": "CVE-2018-12066-658ccd9a",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "160882589842029641195456702785023564419",
            "length": 21057.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "target": {
            "file": "filter/filter.c",
            "function": "f_eval_asn"
        },
        "id": "CVE-2018-12066-7e0bd7f0",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "316225394627571859507331782686704520530",
            "length": 122.0
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "target": {
            "file": "nest/a-path.c"
        },
        "id": "CVE-2018-12066-9db83597",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "287862476659046073978004275006007956086",
                "113292440691920669444679834715440830190",
                "50873894112161123260697295781140835043",
                "7239184518715717027838194962807117733",
                "297591327582498492581541829546215028387"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "target": {
            "file": "filter/filter.c"
        },
        "id": "CVE-2018-12066-b830361b",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "126185139693833772406049631436311002020",
                "149564655093689242767364284659268463275",
                "37166222210635255550429610522269772722",
                "153412446262756251259990061334464500877",
                "330064056278221281734198606566277364297",
                "166574194679954843989340061617998353070",
                "93601887649986582048475595271247633159",
                "54808317546777211648578610497395441687",
                "106625478119096928780702545058808239167",
                "60469423383802778564433977572495758058",
                "317898035497896594802745245025280181215",
                "187264691412407051826630392988286572988",
                "296936897057747663152874402802403898138",
                "151631982063373834451900802616487983493",
                "4571632843198620844513451161110155752",
                "311470986553228883664402569320282724053",
                "314836375565953746820858828748098903145",
                "191656233115714168024520401765755294006",
                "114006497461564571575159556817426384571",
                "125210581463776752866244426985558427920"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Line",
        "target": {
            "file": "filter/filter.h"
        },
        "id": "CVE-2018-12066-d46984d5",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "143936555563971586843506317824471559619",
                "180543273020735071829022542449107712998",
                "131191414462074678538321510803651897422",
                "282779912912035370691950140486964988897",
                "37146484244005892865304822453988088709",
                "108366404304384912473369888486603291392",
                "37467392589188327719096061009745904642",
                "148237640665932378037843992922078195715"
            ]
        },
        "deprecated": false
    },
    {
        "signature_type": "Function",
        "target": {
            "file": "filter/filter.c",
            "function": "pm_format"
        },
        "id": "CVE-2018-12066-e09dca80",
        "source": "https://gitlab.nic.cz/labs/bird@e8bc64e308586b6502090da2775af84cd760ed0d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "132998610197193378671409307832334484852",
            "length": 553.0
        },
        "deprecated": false
    }
]