So there’s a buffer overflow in link_ntoa. What does this mean? CERT says an attacker may be able to execute arbitrary code, but who can be an attacker? Where is link_ntoa used?
What does link_ntoa even do? I’ve never heard of this function before.
Networking something or other I guess.
First place to look is in libc itself, where the function lives. The implementation lives in net/linkaddr.c but it’s the declaration that’s of particular interest.
The PROTO_DEPRECATED macro marks a function as exported from the library, but not for use internally. We can also verify with grep that nothing in libc calls link_ntoa, but with the symbol marking we can be confident we haven’t missed any thing.
Moving on to base, we find a few occurrences.
This is used to print route information obtained from the kernel. So if you haven’t patched yet, before you run route show again, make sure you trust the kernel.