radvd: Multiple vulnerabilities Multiple vulnerabilities have been found in radvd which could potentially lead to privilege escalation, data loss, or a Denial of Service. radvd 2011-11-20 2011-11-20 385967 local, remote 1.8.2 1.8.2

radvd is an IPv6 router advertisement daemon for Linux and BSD.

Multiple vulnerabilities have been discovered in radvd. Please review the CVE identifiers referenced below for details.

A remote unauthenticated attacker may be able to gain escalated privileges, escalate the privileges of the radvd process, overwrite files with specific names, or cause a Denial of Service. Local attackers may be able to overwrite the contents of arbitrary files using symlinks.

There is no known workaround at this time.

All radvd users should upgrade to the latest stable version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/radvd-1.8.2" CVE-2011-3601 CVE-2011-3602 CVE-2011-3603 CVE-2011-3604 CVE-2011-3605 ago ackle