PatchSiren cyber security CVE debrief
CVE-2017-5495 Quagga CVE debrief
CVE-2017-5495 is a denial-of-service flaw in the telnet-based vty CLI of the Quagga routing daemons. A remote attacker who can reach the vty TCP port can send input that never contains a newline; the vty keeps enlarging its input buffer to hold the unterminated line, so the memory it allocates is bounded only by how much the attacker sends. The vty accepts this input before any password is checked, so no credentials are needed. The impact ranges from termination of the affected daemon to memory exhaustion of the whole host. The CVE record notes the issue is fixed in Quagga 1.1.1 and in the Free Range Routing (FRR) Protocol Suite as of 2017-01-10.
- Vendor
- Quagga
- Product
- Quagga
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in the stored evidence
- Original CVE published
- 2017-01-24
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-01-24
- Advisory updated
- 2026-05-13
Who should care
Network operators, Linux distribution maintainers, and administrators running Quagga daemons (zebra, bgpd, ospfd and the rest, each with its own vty) with the telnet vty enabled should treat this as important. It matters most where the management interface is reachable from untrusted networks. Many distributions restrict the vty to local access by default, but a package default is not a guarantee: the bind address and any firewall rules need to be confirmed on each host.
Technical summary
NVD classifies the weakness as CWE-119 (improper restriction of operations within the bounds of a memory buffer) and scores it CVSS 3.0 7.5 with vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H: reachable over the network, low attack complexity, no privileges or user interaction required, and an impact confined to availability. The vulnerable behavior is an unbounded input buffer in the telnet vty CLI. The buffer is meant to hold a single command line, but if a newline never arrives it keeps growing to accommodate the input, and memory is exhausted. NVD lists Quagga through 1.1.0 as affected (the CVE description gives the range as 0.93 through 1.1.0), and the CVE description states the issue is fixed in Quagga 1.1.1 and FRR Protocol Suite 2017-01-10.
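The following is an added illustration of the weakness class, not Quagga code and not the project's actual patch. It models a telnet-style line reader two ways: with no cap on the unterminated line (the pattern the CVE describes) and with a cap that ends the session instead of growing the buffer. The class name, the 4096-byte cap and the 1 MiB newline-free payload are assumptions chosen for the demonstration.

```python
"""Line-buffer model: unbounded accumulation versus a capped buffer.

Added illustration of the weakness class, not Quagga code and not the
project's patch. Class name, cap and payload size are demo assumptions.
"""
from __future__ import annotations


class LineReader:
    """Accumulate bytes until a newline, as a telnet-style CLI does.

    max_len=None is the unbounded pattern: the buffer grows as long as no
    newline arrives. A positive max_len is the hardened variant: an
    unterminated line longer than the cap ends the session and frees the buffer.
    """

    def __init__(self, max_len: int | None):
        self.max_len = max_len
        self.buf = bytearray()
        self.closed = False
        self.peak = 0  # largest buffer size held, a proxy for memory per session

    def feed(self, data: bytes) -> list[bytes]:
        """Consume one socket read; return any complete lines it terminates."""
        lines: list[bytes] = []
        while data and not self.closed:
            nl = data.find(b"\n")
            chunk, data = (data[:nl], data[nl + 1:]) if nl >= 0 else (data, b"")
            if self.max_len is not None and len(self.buf) + len(chunk) > self.max_len:
                # Hardened path: refuse to hold more than max_len bytes of an
                # unterminated line. Drop the session instead of growing.
                self.buf = bytearray()
                self.closed = True
                break
            self.buf.extend(chunk)
            self.peak = max(self.peak, len(self.buf))
            if nl >= 0:
                lines.append(bytes(self.buf))
                self.buf.clear()
        return lines


def drive(reader: LineReader, payload: bytes, read_size: int = 1024) -> dict:
    """Deliver payload in read_size pieces, as successive socket reads would."""
    lines: list[bytes] = []
    for i in range(0, len(payload), read_size):
        lines.extend(reader.feed(payload[i:i + read_size]))
        if reader.closed:
            break
    return {"lines": lines, "peak_bytes": reader.peak, "closed": reader.closed}


def compare(payload_size: int = 1 << 20, cap: int = 4096) -> dict:
    """Run the same inputs through an unbounded and a capped reader."""
    flood = b"A" * payload_size  # constructed input that never contains '\n'
    return {
        "unbounded": drive(LineReader(None), flood),
        "capped": drive(LineReader(cap), flood),
        "normal": drive(LineReader(cap), b"show ip route\n"),
    }


if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:9s} peak={result['peak_bytes']:>8d} bytes "
              f"closed={result['closed']} lines={result['lines']}")
```

The unbounded reader ends holding the full 1 MiB for a single unauthenticated session, and nothing stops a second session from doing the same; the capped reader holds at most 4096 bytes, drops the connection on the next read, and still processes an ordinary command line or one that is exactly at the limit. A fix of this shape addresses the availability impact directly, while network exposure reduction (below) addresses who can reach the reader at all.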
Defensive priority
High for any environment that exposes Quagga management access beyond localhost; moderate where the interface is confirmed local-only and the host is otherwise isolated. Exploitation is unauthenticated once the port is reachable, so reducing exposure is the key control.
Recommended defensive actions
- Upgrade Quagga to 1.1.1 or later, or move to a fixed FRR release (2017-01-10 or later) as noted in the CVE description.
- Confirm the telnet vty interface is not reachable from untrusted networks; bind it to localhost or a management-only address, and check the bind on every daemon, since each Quagga daemon runs its own vty.
- Audit firewall and ACL rules for the Quagga vty TCP ports (conventionally 2601 through 2606 and 2608, though the port is configurable per daemon) and remove unnecessary exposure.
- Verify whether any packaged Quagga instance is covered by a vendor advisory or backport, such as the referenced Red Hat erratum and the Quagga/FRR advisories; a backported fix will not change the upstream version string.
- Monitor for abnormal Quagga memory growth, out-of-memory kills, or daemon restarts that could indicate probing or abuse of the vty interface.
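The actions above can be turned into a repeatable host check. The script below is an added example, not a PatchSiren or Quagga tool. It runs offline on a constructed `ss -ltn` capture and on version strings, flags vty listeners that are not bound to loopback, and compares an upstream version against 1.1.1. The port-to-daemon map is the conventional Quagga default (the entries found in /etc/services on a Quagga host); a daemon started with -P on another port is not matched, and a vendor backport on an older version string is not visible to the version check, so a clean result is a prompt to read the configuration and the vendor advisory, not proof.

```python
"""Exposure and version audit for Quagga vty listeners.

Added example, not a PatchSiren or Quagga tool. Works offline on a
constructed `ss -ltn` capture. Port map is the assumed Quagga default.
"""
from __future__ import annotations

import ipaddress
import re

# Conventional Quagga vty TCP ports. Assumed defaults, configurable per daemon (-P).
QUAGGA_VTY_PORTS = {
    2601: "zebra", 2602: "ripd", 2603: "ripngd", 2604: "ospfd",
    2605: "bgpd", 2606: "ospf6d", 2608: "isisd",
}
FIXED_VERSION = (1, 1, 1)  # first upstream release with the fix, per the CVE description

# Constructed `ss -ltn` output for the demo; the sshd line shows non-vty ports are skipped.
SAMPLE_SS = """\
State   Recv-Q  Send-Q   Local Address:Port    Peer Address:Port  Process
LISTEN  0       128      0.0.0.0:22            0.0.0.0:*
LISTEN  0       3        127.0.0.1:2601        0.0.0.0:*
LISTEN  0       3        [::1]:2604            [::]:*
LISTEN  0       3        0.0.0.0:2605          0.0.0.0:*
LISTEN  0       3        *:2602                *:*
LISTEN  0       3        192.0.2.10:2606       0.0.0.0:*
"""

SS_LISTEN = re.compile(r"^LISTEN\s+\d+\s+\d+\s+(\S+)\s+\S+")


def parse_version(ver: str) -> tuple[int, ...]:
    """'1.1.0' -> (1, 1, 0). A distro revision such as '0.99.24.1-2' drops the '-2'."""
    return tuple(int(p) for p in ver.split("-", 1)[0].split("."))


def is_vulnerable_version(ver: str) -> bool:
    """True for upstream releases before 1.1.1. Vendor backports on an older
    version string are not detectable here; check the vendor advisory."""
    return parse_version(ver) < FIXED_VERSION


def split_hostport(local: str) -> tuple[str, int]:
    """'[::1]:2604' -> ('::1', 2604); '*:2602' -> ('*', 2602)."""
    host, _, port = local.rpartition(":")
    return host.strip("[]").split("%", 1)[0], int(port)


def classify_bind(host: str) -> str:
    """wildcard (all interfaces), loopback, or a specific non-loopback address."""
    if host in ("*", "0.0.0.0", "::"):
        return "wildcard"
    return "loopback" if ipaddress.ip_address(host).is_loopback else "non-loopback"


def audit_ss_output(ss_text: str) -> list[dict]:
    """One finding per LISTEN socket on a known Quagga vty port."""
    findings = []
    for line in ss_text.splitlines():
        m = SS_LISTEN.match(line)
        if not m:
            continue
        host, port = split_hostport(m.group(1))
        if port not in QUAGGA_VTY_PORTS:
            continue
        bind = classify_bind(host)
        findings.append({
            "daemon": QUAGGA_VTY_PORTS[port], "port": port, "bind": host, "exposure": bind,
            # Loopback is the expected posture; anything else needs a firewall rule
            # or a rebind to a management-only address.
            "action": "ok" if bind == "loopback" else "restrict or firewall",
        })
    return findings


def exposed(findings: list[dict]) -> list[dict]:
    """Subset of findings not bound to loopback."""
    return [f for f in findings if f["exposure"] != "loopback"]


if __name__ == "__main__":
    for ver in ("0.99.24.1-2", "1.1.0", "1.1.1", "1.2.4"):
        print(f"quagga {ver:12s} upstream-vulnerable={is_vulnerable_version(ver)}")
    for f in audit_ss_output(SAMPLE_SS):
        print(f"{f['daemon']:7s} {f['bind']:>12s}:{f['port']}  {f['exposure']:12s} -> {f['action']}")
```

On a real host, replace SAMPLE_SS with the output of `ss -ltn` (or `ss -ltnp` to see which process owns each socket). A wildcard or specific non-loopback bind is a finding even on a host whose firewall currently blocks the port, because the daemon, not the firewall, decides who it will talk to; the loopback case still leaves the pre-authentication vty reachable to local users, which is why the upgrade remains the first action.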
Evidence notes
This debrief is based on the supplied CVE record and its referenced official and vendor-linked sources. The CVE description states the issue affects Quagga versions 0.93 through 1.1.0, occurs in the telnet vty CLI, and can be triggered prior to authentication when the interface is reachable. NVD classifies the issue as CWE-119 and rates it CVSS 3.0 7.5 High. The referenced FRR pull request, Quagga mailing list post, and vendor advisory support the fix and remediation context. No exploit steps are included.
Official resources
- CVE-2017-5495 CVE record (CVE.org)
- CVE-2017-5495 NVD detail (NVD)
- Mitigation or vendor reference, tagged Release Notes, Vendor Advisory
- Mitigation or vendor reference, tagged Patch, Vendor Advisory
CVE published: 2017-01-24T07:59:00.287Z. Source/NVD record last modified: 2026-05-13T00:24:29.033Z. The CVE description indicates the issue was fixed in Quagga 1.1.1 and FRR Protocol Suite 2017-01-10.