Description
Security update for frr
This update for frr fixes the following issues:
- CVE-2024-34088: Fixed a NULL pointer returned by the get_edge() function that can trigger a denial of service (bsc#1223786).
- CVE-2024-31951: Fixed buffer overflow in ospf_te_parse_ext_link (bsc#1222528).
- CVE-2024-31950: Fixed buffer overflow and daemon crash in ospf_te_parse_ri (bsc#1222526).
Package list
SUSE Linux Enterprise Module for Server Applications 15 SP5
SUSE Linux Enterprise Module for Server Applications 15 SP6
openSUSE Leap 15.5
openSUSE Leap 15.6
References
- Link for SUSE-SU-2024:1971-1
- E-Mail link for SUSE-SU-2024:1971-1
- SUSE Security Ratings
- SUSE Bug 1222526
- SUSE Bug 1222528
- SUSE Bug 1223786
- SUSE CVE CVE-2024-31950 page
- SUSE CVE CVE-2024-31951 page
- SUSE CVE CVE-2024-34088 page
Description
In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated).
Affected products
References
- CVE-2024-31950
- SUSE Bug 1222526
Description
In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated).
Affected products
References
- CVE-2024-31951
- SUSE Bug 1222528
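CVE-2024-31950 and CVE-2024-31951 above share one cause: a subTLV length taken from the OSPF LSA is not validated before the value is read. The C code below is an added example, not FRR's code or its patch, showing the checks a subTLV walker needs before any fixed-size field is read. The name validate_subtlvs, the sample type value 2 and the minimum of 7 value bytes are assumptions made for illustration; the 4-byte header and 4-byte value padding follow the OSPF TE TLV layout.

```c
#include <stddef.h>
#include <stdint.h>

#define TLV_HDR_SIZE 4u   /* 16-bit type + 16-bit length, network byte order */

/* Value length rounded up to the 4-byte alignment OSPF TE TLVs use. */
static size_t padded(size_t n) { return (n + 3u) & ~(size_t)3u; }
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/*
 * Hypothetical validator (not an FRR function). Walks the subTLVs in
 * buf[0..len) and returns how many are well formed, or -1 as soon as one
 *  - has a header that does not fit in the remaining bytes,
 *  - declares a (padded) value that runs past the end of the buffer, or
 *  - has type fixed_type but fewer than min_value value bytes, i.e. is too
 *    short for the fixed-size fields a parser would read from it.
 */
int validate_subtlvs(const uint8_t *buf, size_t len,
                     uint16_t fixed_type, size_t min_value)
{
    size_t off = 0;
    int count = 0;

    while (off < len) {
        if (len - off < TLV_HDR_SIZE)
            return -1;                          /* truncated header */
        uint16_t type = rd16(buf + off);
        size_t vlen = rd16(buf + off + 2);
        if (padded(vlen) > len - off - TLV_HDR_SIZE)
            return -1;                          /* value overruns the buffer */
        if (type == fixed_type && vlen < min_value)
            return -1;                          /* too short for its fields */
        off += TLV_HDR_SIZE + padded(vlen);
        count++;
    }
    return count;
}

/* Constructed samples: a complete subTLV, one whose declared 8 bytes are
 * not all present, and one that declares only 2 value bytes. */
static const uint8_t ok_tlv[]    = {0, 2, 0, 8, 1, 2, 3, 4, 5, 6, 7, 8};
static const uint8_t short_buf[] = {0, 2, 0, 8, 1, 2, 3, 4};
static const uint8_t short_len[] = {0, 2, 0, 2, 1, 2, 0, 0};

int main(void)
{
    return !(validate_subtlvs(ok_tlv, sizeof ok_tlv, 2, 7) == 1 &&
             validate_subtlvs(short_buf, sizeof short_buf, 2, 7) == -1 &&
             validate_subtlvs(short_len, sizeof short_len, 2, 7) == -1);
}
```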
Description
In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service.
Affected products
References
- CVE-2024-34088
- SUSE Bug 1223786