Fedora 37: FEDORA-2023-ce436d56f8 low: FRRouting DoS Threat

November 15, 2023
The latest release of FRRouting in Fedora 37 brings essential updates focused on enhancing BGP performance and refining routing management. Discover all the details!
New version 8.5.3.

Summary

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet.

FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

FRRouting is a fork of Quagga.

Update Information:

New version 8.5.3.

Change Log

* Mon Oct 9 2023 Michal Ruprich - 8.5.3-1 - New version 8.5.3

References


[1] Bug #2230983 - CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router
    https://bugzilla.redhat.com/show_bug.cgi?id=2230983
[2] Bug #2235839 - CVE-2023-41358 frr: processes invalid NLRIs if attribute length is zero
    https://bugzilla.redhat.com/show_bug.cgi?id=2235839
[3] Bug #2235840 - CVE-2023-41359 frr: out of bounds read in bgp_attr_aigp_valid
    https://bugzilla.redhat.com/show_bug.cgi?id=2235840
[4] Bug #2235842 - CVE-2023-41360 frr: ahead-of-stream read of ORF header
    https://bugzilla.redhat.com/show_bug.cgi?id=2235842
[5] Bug #2237416 - CVE-2023-41909 frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c
    https://bugzilla.redhat.com/show_bug.cgi?id=2237416
[6] Bug #2238990 - CVE-2023-31489 frr: incorrect length check in bgp_capability_llgr() can lead do DoS
    https://bugzilla.redhat.com/show_bug.cgi?id=223899...


Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-ce436d56f8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity: low

Name: frr
Product: Fedora 37
Version: 8.5.3
Release: 1.fc37
Summary: Routing daemon
