SUSE-SU-2023:2518-1

Опубликовано: 15 июн. 2023

Источник: suse-cvrf

Описание

Security update for frr

This update for frr fixes the following issues:

CVE-2023-31489: Fixed a remote denial of service via a malformed BGP packet (bsc#1211248).
CVE-2023-31490: Fixed a remote denial of service via a malformed BGP packet (bsc#1211249).

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP5

frr-8.4-150500.4.3.1

frr-devel-8.4-150500.4.3.1

libfrr0-8.4-150500.4.3.1

libfrr_pb0-8.4-150500.4.3.1

libfrrcares0-8.4-150500.4.3.1

libfrrfpm_pb0-8.4-150500.4.3.1

libfrrospfapiclient0-8.4-150500.4.3.1

libfrrsnmp0-8.4-150500.4.3.1

libfrrzmq0-8.4-150500.4.3.1

libmlag_pb0-8.4-150500.4.3.1

openSUSE Leap 15.5

frr-8.4-150500.4.3.1

frr-devel-8.4-150500.4.3.1

libfrr0-8.4-150500.4.3.1

libfrr_pb0-8.4-150500.4.3.1

libfrrcares0-8.4-150500.4.3.1

libfrrfpm_pb0-8.4-150500.4.3.1

libfrrospfapiclient0-8.4-150500.4.3.1

libfrrsnmp0-8.4-150500.4.3.1

libfrrzmq0-8.4-150500.4.3.1

libmlag_pb0-8.4-150500.4.3.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232518-1/
Link for SUSE-SU-2023:2518-1
https://lists.suse.com/pipermail/sle-security-updates/2023-June/015208.html
E-Mail link for SUSE-SU-2023:2518-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1211248
SUSE Bug 1211248
https://bugzilla.suse.com/1211249
SUSE Bug 1211249
https://www.suse.com/security/cve/CVE-2023-31489/
SUSE CVE CVE-2023-31489 page
https://www.suse.com/security/cve/CVE-2023-31490/
SUSE CVE CVE-2023-31490 page

Описание

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.

Затронутые продукты

SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-31489.html
CVE-2023-31489
https://bugzilla.suse.com/1211248
SUSE Bug 1211248

Описание

An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.

Затронутые продукты

SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.3.1

SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-31490.html
CVE-2023-31490
https://bugzilla.suse.com/1211249
SUSE Bug 1211249

SUSE-SU-2023:2518-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2023-31489

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2023-31490

Описание

Затронутые продукты

Ссылки