rpm package
suse/quagga&distro=SUSE Linux Enterprise Server 15 SP1-LTSS
pkg:rpm/suse/quagga&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-41358 | — | < 1.1.1-150000.4.3.1 | 1.1.1-150000.4.3.1 | Aug 29, 2023 | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | ||
| CVE-2023-38802 | — | < 1.1.1-150000.4.3.1 | 1.1.1-150000.4.3.1 | Aug 29, 2023 | FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). |
- CVE-2023-41358Aug 29, 2023affected < 1.1.1-150000.4.3.1fixed 1.1.1-150000.4.3.1
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.
- CVE-2023-38802Aug 29, 2023affected < 1.1.1-150000.4.3.1fixed 1.1.1-150000.4.3.1
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).