rpm package
suse/frr&distro=SUSE Linux Enterprise Server 15 SP3-LTSS
pkg:rpm/suse/frr&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Vulnerabilities (10)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-44070 | — | < 7.4-150300.4.29.1 | 7.4-150300.4.29.1 | Aug 19, 2024 | An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. | ||
| CVE-2024-31948 | — | < 7.4-150300.4.23.1 | 7.4-150300.4.23.1 | Apr 7, 2024 | In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash. | ||
| CVE-2023-38407 | — | < 7.4-150300.4.26.1 | 7.4-150300.4.26.1 | Nov 6, 2023 | bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. | ||
| CVE-2023-38406 | — | < 7.4-150300.4.26.1 | 7.4-150300.4.26.1 | Nov 6, 2023 | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | ||
| CVE-2023-47235 | — | < 7.4-150300.4.26.1 | 7.4-150300.4.26.1 | Nov 3, 2023 | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome. | ||
| CVE-2023-47234 | — | < 7.4-150300.4.26.1 | 7.4-150300.4.26.1 | Nov 3, 2023 | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes). | ||
| CVE-2023-41909 | — | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Sep 5, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. | ||
| CVE-2023-41358 | — | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Aug 29, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | ||
| CVE-2023-38802 | — | < 7.4-150300.4.17.1 | 7.4-150300.4.17.1 | Aug 29, 2023 | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). | ||
| CVE-2017-15865 | Hig | 7.5 | < 7.4-150300.4.32.1 | 7.4-150300.4.32.1 | Nov 8, 2017 | bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousan |
- CVE-2024-44070Aug 19, 2024affected < 7.4-150300.4.29.1fixed 7.4-150300.4.29.1
An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.
- CVE-2024-31948Apr 7, 2024affected < 7.4-150300.4.23.1fixed 7.4-150300.4.23.1
In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.
- CVE-2023-38407Nov 6, 2023affected < 7.4-150300.4.26.1fixed 7.4-150300.4.26.1
bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
- CVE-2023-38406Nov 6, 2023affected < 7.4-150300.4.26.1fixed 7.4-150300.4.26.1
bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
- CVE-2023-47235Nov 3, 2023affected < 7.4-150300.4.26.1fixed 7.4-150300.4.26.1
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.
- CVE-2023-47234Nov 3, 2023affected < 7.4-150300.4.26.1fixed 7.4-150300.4.26.1
An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).
- CVE-2023-41909Sep 5, 2023affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
- CVE-2023-41358Aug 29, 2023affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
- CVE-2023-38802Aug 29, 2023affected < 7.4-150300.4.17.1fixed 7.4-150300.4.17.1
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).
- affected < 7.4-150300.4.32.1fixed 7.4-150300.4.32.1
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousan