RockyLinux 8 : frr (RLSA-2026:24340)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:24340 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 Tenable has extracted the preceding description block directly from the RockyLinux security...

RockyLinux 10 : frr (RLSA-2026:24347)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24347 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 frr: denial of service via crafted BGP UPDATE message CVE-2026-37459 Tenable has...

MiracleLinux 8 : frr-7.5.1-24.el8_10 (AXSA:2026-771:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-771:01 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 Tenable has extracted the preceding description block directly from the MiracleLinux...

AlmaLinux 8 : frr (ALSA-2026:24340)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:24340 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 Tenable has extracted the preceding description block directly from the AlmaLinux security...

CVE-2025-61100 affecting package frr for versions less than 8.5.5-5

CVE-2025-61100 affecting package frr for versions less than 8.5.5-5. A patched version of the package is available...

MiracleLinux 8 : frr-7.0-10.el8 (AXSA:2021-1317:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1317:01 advisory. frr: default permission issue eases information leaks CVE-2020-12831 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : frr-7.5.1-7.el8 (AXSA:2023-5825:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5825:03 advisory. frr: out-of-bounds read in the BGP daemon may lead to information disclosure or denial of service CVE-2022-37032 Tenable has extracted the preceding...

TencentOS Server 4: frr (TSSA-2025:0329)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2025:03453-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03453-1 advisory. - CVE-2024-55553: excessive resource consumption may lead to denial of service due to repeated RIB revalidation when processi...

CBL Mariner 2.0 Security Update: frr (CVE-2024-55553)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-55553 advisory. - In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update receiv...

CBL Mariner 2.0 Security Update: frr (CVE-2024-34088)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34088 advisory. - In FRRouting FRR through 9.1, it is possible for the getedge function in ospfte.c in the OSPF daemon to return ...

CBL Mariner 2.0 Security Update: frr (CVE-2023-41360)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-41360 advisory. - An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF...

Ubuntu 22.04 LTS / 23.04 : FRR vulnerability (USN-6323-1)

The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6323-1 advisory. Ben Cartwright-Cox discovered that FRR did not handle RFC 7606 attributes properly. A remote attacker could possibly use this to cause denial of service...

Buffer Overflow

frr is vulnerable to buffer overflow. The vulnerability exists due to a missing a check on the input packet length in the babelpacketexamin function in babeld/message.c...

Oracle Linux 8 : frr (ELSA-2020-4619)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4619 advisory. 7.0-10 - Resolves: 1867793 - FRR does not conform to the source port range specified in RFC5881 7.0-9 - Resolves: 1852476 - default permission issue eases...