Alibaba Cloud Linux 3 : 0120: frr (ALINUX3-SA-2023:0120)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0120 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-38802: FRRouting FRR 7.5.1 through 9.0 and...

CentOS 8 : frr (CESA-2023:5219)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:5219 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribu...

Fedora 39 : frr (2023-514db5339e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-514db5339e advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora 37 : frr (2023-ce436d56f8)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2023:3836-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3836-1 advisory. - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible crash when...

SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2023:3839-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3839-1 advisory. - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible...

SUSE SLES12: libospf0 / libospfapiclient0 / libquagga_pb0 / libzebra1 / quagga / etc (SUSE-SU-2023:3793-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3793-1 advisory. - CVE-2023-38802: Fixed bad length handling in BGP attribute handling bsc1213284. - CVE-2023-41358: Fixed possible crash when...

SUSE SLES15: frr / frr-devel / libfrr0 / libfrr_pb0 / libfrrcares0 / etc (SUSE-SU-2023:3762-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3762-1 advisory. - CVE-2023-38802: Fixed bad length handling when processing BGP attributes. bsc1213284 - CVE-2023-41358: Fixed a...

AlmaLinux 9 : frr (ALSA-2023:5194)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5194 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute ...

AlmaLinux 8 : frr (ALSA-2023:5219)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5219 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute ...

Oracle Linux 8 : frr (ELSA-2023-5219)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5219 advisory. 7.5.1-7.0.1.2 - Fix BFD crash in FRR running in MetalLB BZ2231829 - Fix for CVE-2023-38802 Tenable has extracted the preceding description block directly from t...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

Code injection

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

CVE-2023-38802 affects FRRouting FRR 7.5.1–9.0 and Pica8 PICOS 4.3.3.2. A remote attacker can cause a denial of service by sending a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). Underlying cause is improper handling in BGP UPDATE processing. Impact is DoS; CVSS v3.1 ba...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

CVE-2023-38802

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...