11 matches found
MiracleLinux 9 : frr-8.3.1-11.el9.ML.1 (AXSA:2023-6853:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6853:07 advisory. frr: Reachable assertion in peekforas4capability function CVE-2022-36440 frr: denial of service by crafting a BGP OPEN message with an option of typ...
Moderate: Red Hat Security Advisory: frr security and bug fix update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RHEL 9 : frr (RHSA-2023:6434)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6434 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
[SECURITY] [DLA 3573-1] frr security update
Debian LTS Advisory DLA-3573-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 19, 2023 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u1 CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-388...
CVE-2022-43681
An out-of-bounds read flaw exists in the BGP daemon of FRRouting. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and...
CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...
CVE-2022-40318
An issue was discovered in bgpd in FRRouting FRR through 8.4. By crafting a BGP OPEN message with an option of type 0xff Extended Length from RFC 9072, attackers may cause a denial of service assertion failure and daemon restart, or out-of-bounds read. This is possible because of inconsistent...
CVE-2022-43681
CVE-2022-43681 is an out-of-bounds read vulnerability in the FRRouting (FRR) BGP daemon. The issue occurs when parsing a malformed BGP OPEN message that ends with the option length octet (or extended length), causing the code to read beyond the packet and invoke SIGABRT, triggering a bgpd restart...
CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...
CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...
CVE-2022-43681
An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet or the option length word, in case of an extended OPEN message, the FRR code reads of out of the bounds of the packet, throwing a SIGABRT...