CVE-2019-16159
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-16159
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16159.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-16159
- Downstream
- Related
- Published
- 2019-09-09T15:15:12Z
- Modified
- 2025-11-11T04:55:06.041914Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed.
- References
-
- http://bird.network.cz
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00063.html
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00065.html
- http://trubka.network.cz/pipermail/bird-users/2019-September/013718.html
- http://trubka.network.cz/pipermail/bird-users/2019-September/013720.html
- http://trubka.network.cz/pipermail/bird-users/2019-September/013722.html
- https://gitlab.labs.nic.cz/labs/bird/commit/1657c41c96b3c07d9265b07dd4912033ead4124b
- https://gitlab.labs.nic.cz/labs/bird/commit/8388f5a7e14108a1458fea35bfbb5a453e2c563c
- https://seclists.org/bugtraq/2019/Sep/34
- https://www.debian.org/security/2019/dsa-4528
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F23NNAPXX65MGJQBPPTVGRV3T4XCKBV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVNQJBZYGGNAJNGOFEBE3IAJME2QIZB/
Affected packages
Git / gitlab.labs.nic.cz/labs/bird
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.labs.nic.cz/labs/bird
- Events
-
Introduced1e3810f9f8e251d82a8157b39df9be196315c43eIntroducedfa5c09a2e708ed505ca140531b98e695fdaf989c
Affected versions
3.*
3.0-alpha0
v1.*
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v2.*
v2.0.0
v2.0.0-pre0
v2.0.0-pre1
v2.0.1
v2.0.10
v2.0.11
v2.0.12
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.13
v2.13.1
v2.14
v2.15
v2.15.1
v2.16
v2.16.1
v2.16.2
v2.17
v2.17.1
v2.17.2
v3.*
v3.0-alpha1
v3.0-alpha2
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.1.0
v3.1.1
v3.1.2
v3.1.3
v3.1.4
Git / gitlab.nic.cz/labs/bird
Affected ranges
- Type
- GIT
- Repo
- https://gitlab.nic.cz/labs/bird
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed1657c41c96b3c07d9265b07dd4912033ead4124bFixed8388f5a7e14108a1458fea35bfbb5a453e2c563c
Affected versions
v1.*
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.3.0
v1.3.1
v1.3.10
v1.3.11
v1.3.2
v1.3.3
v1.3.4
v1.3.5
v1.3.6
v1.3.7
v1.3.8
v1.3.9
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.5.0
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v2.*
v2.0.0
v2.0.0-pre0
v2.0.0-pre1
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
Database specific
vanir_signatures
[
{
"id": "CVE-2019-16159-19bde9a3",
"signature_type": "Line",
"source": "https://gitlab.nic.cz/labs/bird@8388f5a7e14108a1458fea35bfbb5a453e2c563c",
"target": {
"file": "proto/bgp/packets.c"
},
"digest": {
"line_hashes": [
"216893417837476986888965276365877246422",
"223445219091451626815491961387763006748",
"321385252695183225000492290604323630133",
"240393356610038048681844503473819906720",
"4383943790272205345412568721163061337",
"276441775111768339359338816026274139390",
"84258977817401017440276937716070434403",
"295253454909988706774094035716076630568"
],
"threshold": 0.9
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "CVE-2019-16159-62d9e0ec",
"signature_type": "Function",
"source": "https://gitlab.nic.cz/labs/bird@8388f5a7e14108a1458fea35bfbb5a453e2c563c",
"target": {
"function": "bgp_handle_message",
"file": "proto/bgp/packets.c"
},
"digest": {
"length": 448.0,
"function_hash": "130779972019287339614087948162341524144"
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "CVE-2019-16159-c1c649bd",
"signature_type": "Line",
"source": "https://gitlab.nic.cz/labs/bird@1657c41c96b3c07d9265b07dd4912033ead4124b",
"target": {
"file": "proto/bgp/packets.c"
},
"digest": {
"line_hashes": [
"216893417837476986888965276365877246422",
"223445219091451626815491961387763006748",
"321385252695183225000492290604323630133",
"240393356610038048681844503473819906720",
"255920384722461930579550090089086617062",
"38099894567800398323843450381818194066",
"84125401342413400062944322038071946879",
"70697898021381015989562920937856652083"
],
"threshold": 0.9
},
"signature_version": "v1",
"deprecated": false
},
{
"id": "CVE-2019-16159-ffdc3bfd",
"signature_type": "Function",
"source": "https://gitlab.nic.cz/labs/bird@1657c41c96b3c07d9265b07dd4912033ead4124b",
"target": {
"function": "bgp_handle_message",
"file": "proto/bgp/packets.c"
},
"digest": {
"length": 448.0,
"function_hash": "130779972019287339614087948162341524144"
},
"signature_version": "v1",
"deprecated": false
}
]