Security Issues and Announcements
Subscribe to our security announcements mailing list to learn about these issues as soon as we post them: https://lists.cumulusnetworks.com/listinfo/cumulus-security-announce
- ★ All Switches Installed from the Same Cumulus Linux 4.0.0 and 4.1.0 Image Have the Same SSH Host Keys
- ★ Spectre and Meltdown Vulnerability Fixes
- ★ Meltdown and Spectre: Modern CPU Vulnerabilities
- CVE-2017-15865: Malformed BGP UPDATE Triggers Information Disclosure
- CVE-2017-16227: bgpd Daemon in the FRRouting (FRR) and Quagga Suites Does not Properly Calculate the Length of Multi-segment AS_PATH UPDATE Messages
- Is Cumulus Linux Susceptible to the sudo Security Issue Described in CVE-2017-1000367?
- Cumulus Linux Is Susceptible to Kernel Vulnerability CVE-2016-5195 (Dirty CoW)
- Security Update for CVE-2015-7547: glibc getaddrinfo Stack-based Buffer Overflow Vulnerability
- Cumulus Linux Is not Susceptible to the Kernel Vulnerability CVE-2016-0728
- VLAN 1 Flood Traffic Flooded out from Ports Designated as Access Ports of other VLANs
- Security Update for CVE-2015-5699 (Configuring sudo Access to Several cl-* Commands Results in Local Privilege Escalation Vulnerability)
- Cumulus Linux Is not Susceptible to the OpenSSL Vulnerability CVE-2015-1793
- Is Cumulus Linux Susceptible to the Leap Second Bug?
- Security Update OpenSSL crypto Library Vulnerabilities: FREAK Fix
- Security Update for libc* and multiarch-support Packages: Ghost Fix
- Security Update for apt and bash Packages: Shellshock Fix
- Cumulus Networks Security Announcements
- Installing and Utilizing Scapy on Cumulus Linux
- Adding MD5-enabled BGP Neighbors