9 matches found
MiracleLinux 9 : frr-8.3.1-11.el9.ML.1 (AXSA:2023-6853:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6853:07 advisory. frr: Reachable assertion in peekforas4capability function CVE-2022-36440 frr: denial of service by crafting a BGP OPEN message with an option of typ...
Moderate: Red Hat Security Advisory: frr security and bug fix update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RHEL 9 : frr (RHSA-2023:6434)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6434 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
[SECURITY] [DLA 3573-1] frr security update
Debian LTS Advisory DLA-3573-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 19, 2023 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u1 CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-388...
CVE-2022-40318
A vulnerability was found in FRRouting. The issue occurs in bgpd in FRRouting FRR. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart or out-of-bounds read. This flaw is possible du...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-40318
CVE-2022-40318 (FRR bgpd) : In FRR up to 8.4, FRR’s bgp_open_option_parse() mishandles an option of type 0xff (Extended Length from RFC 9072), with boundary checks that don’t account for reading 3 bytes, causing denial of service via assertion failure and bgpd restart, or an out-of-bounds read. A...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...