SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2024:1475-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1475-1 advisory. - CVE-2024-31948: Fixed denial of service due to malformed Prefix SID attribute in BGP Update packet bsc1222518 Tenable has extracted the...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

DEBIAN-CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

UBUNTU-CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

frr: crafted BGP UPDATE message leading to a crash

A flaw was found in FRRouting. A crash can occur for a crafted BGP UPDATE message without mandatory attributes for example, one with only an unknown transit attribute...

Moderate: Red Hat Security Advisory: frr security update

An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: incorrect length check in bgpcapabilityllgr can lead do DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub ca...

RHEL 9 : frr (RHSA-2024:2156)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

ALSA-2024:2156 Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: incorrect length check in bgpcapabilityllgr can lead do DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub ca...

CVE-2024-34088

In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service...

FRRouting 安全漏洞

FRRouting is an open source network routing software suite from the FRRouting Project that runs on Unix-like platforms. A security vulnerability exists in FRRouting FRR version 9.1 and earlier versions, which stems from a call to a function that does not handle the returned NULL value and the OSP...

CVE-2024-34088

FRRouting (FRR) up to version 9.1 contains a NULL return in the get_edge() function of ospf_te.c within the OSPF daemon. When callers do not guard against a NULL, the OSPF daemon can crash, causing denial of service. Public references in multiple advisories note fixes in FRR releases (e.g., FRR 8...

SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2024:1453-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1453-1 advisory. - CVE-2024-27913: Fixed a denial of service issue via a malformed OSPF LSA packet bsc1220548. - CVE-2024-31948: Fixed...

[SECURITY] [DLA 3797-1] frr security update

Debian LTS Advisory DLA-3797-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost April 28, 2024 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u2 CVE ID : CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVE-2022-37035...

Denial Of Service (DoS)

FRRouting/frr is vulnerable to Denial of Service DoS. This vulnerability occurs due to improper handling of the Prefix SID attribute in the bgpattrmalformed function within bgpattr.c, leading to a crash of the bgpd daemon...

SUSE CVE-2024-31950

In FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseri for OSPF LSA packets during an attempt to read Segment Routing subTLVs their size is not validated...