12 matches found
Security update for frr
This update for frr fixes the following issue: Arithmetic overflow when parsing attribute of update packet due to regression introduced by the fix for CVE-2017-15865. bsc1230866 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2024:3524-1 Security update for frr
This update for frr fixes the following issue: - Arithmetic overflow when parsing attribute of update packet due to regression introduced by the fix for CVE-2017-15865. bsc1230866...
openSUSE Security Advisory (SUSE-SU-2024:3478-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3478-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2024:3478-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3478-1 advisory. - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 -...
SUSE-SU-2024:3478-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. bsc1229438 - CVE-2022-37032: out-of-bounds read when...
SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2024:3433-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3433-1 advisory. - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: cra...
SUSE: Security Advisory (SUSE-SU-2024:3433-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:3426-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:3426-1 Security update for quagga
This update for quagga fixes the following issues: - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. bsc1229438 - CVE-2022-37032: out-of-bounds read when...
CVE-2017-15865
CVE-2017-15865 affects FRR (bgpd) in FRRouting before 2.0.2 and in 3.x before 3.0.2, used in Cumulus Linux before 3.4.3. A malformed BGP UPDATE from a connected peer can trigger transmission of up to thousands of unintended bytes, causing information disclosure. The issue stems from mishandled at...
CVE-2017-15865
bgpd in FRRouting FRR before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes...