rpm package
suse/frr&distro=SUSE Linux Enterprise Module for Server Applications 15 SP4
pkg:rpm/suse/frr&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-46753 | Med | 5.9 | < 7.4-150300.4.20.1 | 7.4-150300.4.20.1 | Oct 26, 2023 | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. | |
| CVE-2023-46752 | Med | 5.9 | < 7.4-150300.4.20.1 | 7.4-150300.4.20.1 | Oct 26, 2023 | An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. | |
| CVE-2023-41909 | Hig | 7.5 | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Sep 5, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. | |
| CVE-2023-38802 | Hig | 7.5 | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Aug 29, 2023 | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). | |
| CVE-2023-41358 | Hig | 7.5 | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Aug 29, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | |
| CVE-2022-37032 | Cri | 9.1 | < 7.4-150300.4.7.1 | 7.4-150300.4.7.1 | Sep 19, 2022 | An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. | |
| CVE-2022-37035 | Hig | 8.1 | < 7.4-150300.4.10.1 | 7.4-150300.4.10.1 | Aug 2, 2022 | An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP p |
- affected < 7.4-150300.4.20.1fixed 7.4-150300.4.20.1
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute.
- affected < 7.4-150300.4.20.1fixed 7.4-150300.4.20.1
An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash.
- affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
- affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
- affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
- affected < 7.4-150300.4.7.1fixed 7.4-150300.4.7.1
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
- affected < 7.4-150300.4.10.1fixed 7.4-150300.4.10.1
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP p