25 matches found
TencentOS Server 3: frr (TSSA-2024:0184)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0184 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
RHEL 8 : frr (RHSA-2024:2981)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2981 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
ALSA-2024:2981 Moderate: frr security update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: missing length check in bgpattrpsidsub can lead do DoS CVE-2023-31490 frr: processes invalid NLRIs if attribute length is...
CentOS 8 : frr (CESA-2024:2981)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2981 advisory. - An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgpattrpsidsub function. CVE-2023-31490 - An...
Oracle Linux 9 : frr (ELSA-2024-2156)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2156 advisory. 8.5.3-4 - Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash 8.5.3-3 - Resolves: RHEL-14822 - mishandled malformed data leading to a...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
RHEL 9 : frr (RHSA-2024:2156)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2156 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
Moderate: frr security update
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fixes: frr: incorrect length check in bgpcapabilityllgr can lead do DoS CVE-2023-31489 frr: missing length check in bgpattrpsidsub ca...
openSUSE: Security Advisory for frr (SUSE-SU-2023:3709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for frr (SUSE-SU-2023:3762-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for frr (FEDORA-2023-ce436d56f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : frr (2023-ce436d56f8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...
Ubuntu: Security Advisory (USN-6436-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 ESM / 22.04 LTS / 23.04 : FRR vulnerabilities (USN-6436-1)
The remote Ubuntu 20.04 ESM / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6436-1 advisory. It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue t...
SUSE: Security Advisory (SUSE-SU-2023:3762-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:3762-1 Security update for frr
This update for frr fixes the following issues: - CVE-2023-38802: Fixed bad length handling when processing BGP attributes. bsc1213284 - CVE-2023-41358: Fixed a possible crash when processing NLRIs with an attribute length of zero. bsc1214735 - CVE-2023-41909: Fixed NULL pointer dereference due t...
SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2023:3709-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3709-1 advisory. - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed crash in...
[SECURITY] [DLA 3573-1] frr security update
Debian LTS Advisory DLA-3573-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 19, 2023 https://wiki.debian.org/LTS Package : frr Version : 7.5.1-1.1+deb10u1 CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 CVE-2023-31490 CVE-2023-388...
SUSE CVE-2023-41909
An issue was discovered in FRRouting FRR through 9.0. bgpnlriparseflowspec in bgpd/bgpflowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference...