VYPR

rpm package

suse/frr&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

pkg:rpm/suse/frr&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS

Vulnerabilities (4)

  • CVE-2026-37458MedMay 4, 2026
    affected < 8.5.7-150500.4.43.1fixed 8.5.7-150500.4.43.1

    Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message.

  • CVE-2026-37457HigMay 1, 2026
    affected < 8.5.7-150500.4.43.1fixed 8.5.7-150500.4.43.1

    An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.

  • CVE-2026-28532MedApr 30, 2026
    affected < 8.5.7-150500.4.43.1fixed 8.5.7-150500.4.43.1

    FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE() macro, causing the loop termination condition t

  • CVE-2026-5107MedMar 30, 2026
    affected < 8.5.7-150500.4.43.1fixed 8.5.7-150500.4.43.1

    A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack