rpm package
opensuse/frr&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/frr&distro=openSUSE%20Leap%2015.3
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-37032 | — | | | < 7.4-150300.4.7.1 | 7.4-150300.4.7.1 | Sep 19, 2022 | An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. |
| CVE-2022-37035 | — | | | < 7.4-150300.4.10.1 | 7.4-150300.4.10.1 | Aug 2, 2022 | An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP p |
| CVE-2022-26129 | — | | | < 7.4-150300.4.3.1 | 7.4-150300.4.3.1 | Mar 3, 2022 | Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. |
| CVE-2022-26128 | — | | | < 7.4-150300.4.3.1 | 7.4-150300.4.3.1 | Mar 3, 2022 | A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. |
| CVE-2022-26127 | — | | | < 7.4-150300.4.3.1 | 7.4-150300.4.3.1 | Mar 3, 2022 | A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. |
| CVE-2022-26126 | — | | | < 7.4-150300.4.3.1 | 7.4-150300.4.3.1 | Mar 3, 2022 | Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. |
| CVE-2022-26125 | — | | | < 7.4-150300.4.3.1 | 7.4-150300.4.3.1 | Mar 3, 2022 | Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. |