ROS-20240904-01

Vulnerability of the getedge function of the ospfte.c file of the OSPF Daemonr component of the software tool for implementing network routing on Unix-like systems FRRouting is related to resource release errors. network routing on Unix-like systems FRRouting is related to resource release errors...

[SECURITY] [DLA 3865-1] frr security update

Debian LTS Advisory DLA-3865-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost September 03, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb11u3 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...

SUSE CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

A flaw was found in FRRouting FRR. Improper input validation in the bgpattrencap function in the bgpd/bgpattr.c file of the remaining stream length before assigning the TLV value can cause the bgpd daemon to crash, resulting in a denial of service. Mitigation Mitigation for this issue is either n...

AZL-47862 CVE-2024-44070 affecting package frr for versions less than 8.5.5-1

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

UBUNTU-CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

An issue was discovered in FRRouting FRR through 10.1. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

CVE-2024-44070

Summary (CVE-2024-44070) FRRouting/FRR (up to 10.1) contains a bug in bgpd/bgp_attr.c where bgp_attr_encap does not verify the remaining stream length before reading a TLV, potentially enabling a crafted BGP UPDATE to cause abnormal processing. The vulnerability is described with high/critical im...

frr - BGP

[email protected] reports: An issue was discovered in FRRouting FRR. bgpattrencap in bgpd/bgpattr.c does not check the actual remaining stream length before taking the TLV value...

FRRouting 安全漏洞

FRRouting is the FRRouting open source suite of network routing software that runs on Unix-like platforms. A security vulnerability exists in FRRouting versions 10.1 and earlier, which stems from bgpattrencap in bgpd/bgpattr.c that does not check the actual remaining stream length before obtainin...

PT-2024-6046 · Frrouting +5 · Frrouting +5

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 10.1 Description: An issue was discovered in the bgp attr encap function in the bgpd/bgp attr.c file, which does not check the actual remaining stream length before taking the TLV value. This can allow a remote...

[SECURITY] Fedora 39 Update: frr-8.5.5-1.fc39

FRRouting is free software that manages TCP/IP based routing protocols. It ta kes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

Fedora: Security Advisory (FEDORA-2024-0c063be1cc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: frr-9.1.1-1.fc40

FRRouting is free software that manages TCP/IP based routing protocols. It ta kes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

CBL Mariner 2.0 Security Update: frr (CVE-2023-47235)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47235 advisory. - An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message...