23 matches found
Oracle Linux 9 : frr (ELSA-2024-2156)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2156 advisory. 8.5.3-4 - Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash 8.5.3-3 - Resolves: RHEL-14822 - mishandled malformed data leading to a...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: frr security update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: incorrect length check in bgpcapabilityllgr can lead do DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub ca...
RHEL 9 : frr (RHSA-2024:2156)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
openSUSE: Security Advisory for frr (SUSE-SU-2023:3709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for frr (FEDORA-2023-ce436d56f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : frr (2023-ce436d56f8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
quagga: Fix of 2 CVEs
CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...
Ubuntu: Security Advisory (USN-6432-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6436-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 ESM / 22.04 LTS / 23.04 : FRR vulnerabilities (USN-6436-1)
The remote Ubuntu 20.04 ESM / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6436-1 advisory. It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue t...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Quagga vulnerabilities (USN-6432-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6432-1 advisory. It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibl...
CBL Mariner 2.0 Security Update: frr (CVE-2023-41360)
The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-41360 advisory. - An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF...
CVE-2023-41360 affecting package frr for versions less than 8.5.3-2
CVE-2023-41360 affecting package frr for versions less than 8.5.3-2. An upgraded version of the package is available that resolves this issue...
SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2023:3709-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3709-1 advisory. - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed crash in...
SUSE-SU-2023:3709-1 Security update for frr
This update for frr fixes the following issues: - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed crash in bgpd/bgppacket.c bsc1214735. - CVE-2023-41360: Fixed out-of-bounds read in bgpd/bgppacket.c bsc1214739. - CVE-2023-3748: Fixed inifini...
[SECURITY] [DLA 3573-1] frr security update
Debian LTS Advisory DLA-3573-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 19, 2023 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u1 CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-388...
CVE-2023-41360
creationtimestamp| type| source ---|---|--- 2023-08-29 07:17:17+00:00| seen| https://t.me/cibsecurity/69344...
AZL-28617 CVE-2023-41360 affecting package frr for versions less than 8.5.3-2
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...
CVE-2023-41360
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...