Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:3709-1

Опубликовано: 20 сент. 2023
Источник: suse-cvrf

Описание

Security update for frr

This update for frr fixes the following issues:

  • CVE-2023-38802: Fixed bad length handling in BGP attribute handling (bsc#1213284).
  • CVE-2023-41358: Fixed crash in bgpd/bgp_packet.c (bsc#1214735).
  • CVE-2023-41360: Fixed out-of-bounds read in bgpd/bgp_packet.c (bsc#1214739).
  • CVE-2023-3748: Fixed inifinite loop in babld message parsing may cause DoS (bsc#1213434).
  • CVE-2023-41909: Fixed NULL pointer dereference due to processing in bgp_nlri_parse_flowspec (bsc#1215065).

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP5
frr-8.4-150500.4.8.1
frr-devel-8.4-150500.4.8.1
libfrr0-8.4-150500.4.8.1
libfrr_pb0-8.4-150500.4.8.1
libfrrcares0-8.4-150500.4.8.1
libfrrfpm_pb0-8.4-150500.4.8.1
libfrrospfapiclient0-8.4-150500.4.8.1
libfrrsnmp0-8.4-150500.4.8.1
libfrrzmq0-8.4-150500.4.8.1
libmlag_pb0-8.4-150500.4.8.1
openSUSE Leap 15.5
frr-8.4-150500.4.8.1
frr-devel-8.4-150500.4.8.1
libfrr0-8.4-150500.4.8.1
libfrr_pb0-8.4-150500.4.8.1
libfrrcares0-8.4-150500.4.8.1
libfrrfpm_pb0-8.4-150500.4.8.1
libfrrospfapiclient0-8.4-150500.4.8.1
libfrrsnmp0-8.4-150500.4.8.1
libfrrzmq0-8.4-150500.4.8.1
libmlag_pb0-8.4-150500.4.8.1

Ссылки

Описание

A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.

Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.8.1
Ссылки

Описание

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.8.1
Ссылки

Описание

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.8.1
Ссылки

Описание

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.

Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.8.1
Ссылки

Описание

An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.

Затронутые продукты
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.8.1
SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.8.1
Ссылки
Уязвимость SUSE-SU-2023:3709-1