MiracleLinux 9 : frr-8.3.1-11.el9_3.2.ML.1 (AXSA:2024-7478:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7478:02 advisory. ffr: Flowspec overflow in bgpd/bgpflowspec.c CVE-2023-38406 ffr: Out of bounds read in bgpd/bgplabel.c CVE-2023-38407 frr: crash from specially...

MiracleLinux 8 : frr-7.5.1-13.el8_9.3.ML.1 (AXSA:2024-7415:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7415:01 advisory. ffr: Flowspec overflow in bgpd/bgpflowspec.c CVE-2023-38406 ffr: Out of bounds read in bgpd/bgplabel.c CVE-2023-38407 frr: crash from specially...

TencentOS Server 4: frr (TSSA-2024:0606)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0606 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 3: frr (TSSA-2024:0019)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0019 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0086: frr (ALINUX3-SA-2024:0086)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0086 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-38406: bgpd/bgpflowspec.c in...

Linux Distros Unpatched Vulnerability : CVE-2023-47235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of...

CBL Mariner 2.0 Security Update: frr (CVE-2023-47235)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47235 advisory. - An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message...

SUSE: Security Advisory (SUSE-SU-2024:2245-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:2245-1 Security update for frr

This update for frr fixes the following issues: - CVE-2023-38406: Fixed nlri length of zero mishandling, aka 'flowspec overflow'. bsc1216900 - CVE-2023-47235: Fixed a crash on malformed BGP UPDATE message with an EOR, because the presence of EOR does not lead to a treat-as-withdraw outcome...

Ubuntu: Security Advisory (USN-6807-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6807-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2022-26126, CVE-2022-26127, CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035, CVE-2023-31490,...

Ubuntu 20.04 LTS : FRR vulnerabilities (USN-6807-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6807-1 advisory. It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting ...

CVE-2021-47235

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev dev ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev; pciiounmapdev, priv-dmaio; pciiounmapdev,...

CVE-2021-47235

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev dev ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev; pciiounmapdev, priv-dmaio; pciiounmapdev,...

CVE-2021-47235

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: fix potential use-after-free in ecbhfremove static void ecbhfremovestruct pcidev dev ... struct ecbhfpriv priv = netdevprivnetdev; unregisternetdevnetdev; freenetdevnetdev; pciiounmapdev, priv-dmaio; pciiounmapdev,...

CVE-2023-47235 affecting package frr for versions less than 9.1-2

CVE-2023-47235 affecting package frr for versions less than 9.1-2. An upgraded version of the package is available that resolves this issue...

Debian: Security Advisory (DLA-3797-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: frr security update

An update for frr is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: frr security update

An update for frr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 9 : frr (RHSA-2024:1093)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1093 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...