
CVE-2017-16227: bgpd Daemon in the FRRouting (FRR) and Quagga Suites Does not Properly Calculate the Length of Multi-segment AS_PATH UPDATE Messages


Note: This issue was announced on the Cumulus Networks security announcement mailing list on November 6, 2017.

As reported in CVE-2017-16227, the bgpd daemon in the FRRouting (FRR) and Quagga suites does not properly calculate the length of multi-segment AS_PATH UPDATE messages, causing bgpd to drop a session and potentially resulting in loss of network connectivity.

The bgpd daemon will be restarted automatically with the shipped configuration for both FRR and Quagga, so the loss in routing connectivity will be brief.

This will be fixed in FRR in Cumulus Linux 3.5.0. Quagga will be fixed in Cumulus Linux 2.5.13.

We recommend that you upgrade Cumulus Linux and Cumulus RMP when the updated versions are available.

For instructions on how to apply the latest security upgrades, please refer to this Help Center article.

Regarding previous Debian security upgrades for Cumulus Linux and Cumulus RMP: The Cumulus Linux and Cumulus RMP binary images by default include all Debian security updates available prior to the build date.

The Cumulus Linux and Cumulus RMP image files use the following naming format: <X.Y.Z release>-<md5sum>-<build date>-final.

Customers can identify security vulnerabilities by correlating a build date with the dates of Debian security updates posted at
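As an added example (not Cumulus Networks code), the following Python parses image names in the format above and flags releases older than the fixed releases stated in this advisory. It assumes the 2.x train is fixed at 2.5.13 and the 3.x train at 3.5.0; the hostnames, checksums, and build-date strings are constructed.

```python
import re

# Fixed releases stated in the advisory. Keying them by major release
# train (2.x, 3.x) is an assumption of this example.
FIXED_BY_TRAIN = {2: (2, 5, 13), 3: (3, 5, 0)}

# <X.Y.Z release>-<md5sum>-<build date>-final; the build date is kept as
# an opaque string because the advisory does not give its format.
IMAGE_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-([0-9a-fA-F]+)-(.+)-final$")


def parse_image_name(name):
    """Split an image name into release tuple, md5sum and build date."""
    m = IMAGE_RE.match(name.strip())
    if m is None:
        raise ValueError(f"unexpected image name: {name!r}")
    return {
        "release": tuple(int(part) for part in m.group(1, 2, 3)),
        "md5sum": m.group(4).lower(),
        "build_date": m.group(5),
    }


def cve_2017_16227_status(name):
    """Return 'upgrade', 'fixed', 'unknown-train' or 'unparseable'."""
    try:
        release = parse_image_name(name)["release"]
    except ValueError:
        return "unparseable"
    fixed = FIXED_BY_TRAIN.get(release[0])
    if fixed is None:
        return "unknown-train"
    return "fixed" if release >= fixed else "upgrade"


# Constructed inventory: hostnames, checksums and build dates are made up.
INVENTORY = {
    "leaf01": "3.4.3-0123456789abcdef0123456789abcdef-201710250000-final",
    "leaf02": "3.5.0-89abcdef0123456789abcdef01234567-201801150000-final",
    "spine01": "2.5.12-fedcba9876543210fedcba9876543210-201706010000-final",
    "oob01": "cumulus-3.4",
}


def triage(inventory):
    """Map each host to its status for this advisory."""
    return {host: cve_2017_16227_status(img) for host, img in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(triage(INVENTORY).items()):
        print(f"{host}: {status}")
```
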

If you have any questions, please contact us at support at

