rpm package
suse/quagga&distro=SUSE Linux Enterprise Module for Server Applications 15 SP4
pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-41358 | — | < 1.1.1-150400.12.5.1 | 1.1.1-150400.12.5.1 | Aug 29, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | ||
| CVE-2023-38802 | — | < 1.1.1-150400.12.5.1 | 1.1.1-150400.12.5.1 | Aug 29, 2023 | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). |
- CVE-2023-41358Aug 29, 2023affected < 1.1.1-150400.12.5.1fixed 1.1.1-150400.12.5.1
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
- CVE-2023-38802Aug 29, 2023affected < 1.1.1-150400.12.5.1fixed 1.1.1-150400.12.5.1
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).