exploitDog

ELSA-2023-6434

Published: 11 Nov 2023
Source: oracle-oval
Platform: Oracle Linux 9

Description

ELSA-2023-6434: frr security and bug fix update (MODERATE)

[8.3.1-11]

  • Resolves: RHEL-2263 - bgpd: Do not explicitly print MAXTTL value for ebgp-multihop vty output

[8.3.1-10]

  • Related: #2216912 - adding sys_admin to capabilities

[8.3.1-9]

  • Resolves: #2215346 - frr policy does not allow the execution of /usr/sbin/ipsec

[8.3.1-8]

  • Resolves: #2216912 - SELinux is preventing FRR-Zebra to access to network namespaces

[8.3.1-7]

  • Resolves: #2168855 - BFD not working through VRF

[8.3.1-6]

  • Resolves: #2184870 - Reachable assertion in peek_for_as4_capability function
  • Resolves: #2196795 - denial of service by crafting a BGP OPEN message with an option of type 0xff
  • Resolves: #2196796 - denial of service by crafting a BGP OPEN message with an option of type 0xff
  • Resolves: #2196794 - out-of-bounds read exists in the BGP daemon of FRRouting

Updated packages

Oracle Linux 9

Oracle Linux aarch64

  • frr: 8.3.1-11.el9_3
  • frr-selinux: 8.3.1-11.el9_3

Oracle Linux x86_64

  • frr: 8.3.1-11.el9_3
  • frr-selinux: 8.3.1-11.el9_3

Related vulnerabilities

CVSS3: 7.5
redos
about 1 year ago

Multiple vulnerabilities in frr

CVSS3: 6.5
ubuntu
about 2 years ago

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

CVSS3: 6.5
redhat
about 2 years ago

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

CVSS3: 6.5
nvd
about 2 years ago

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

CVSS3: 6.5
debian
about 2 years ago

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By cra ...