Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 38: FEDORA-2023-61abba57d8 Critical: frr DoS Issues Resolved

fedora
Calendar Grey November 15, 2023
Dist Fedora Esm H88
Fedora 38 brings an important update with FRRouting (frr) version 8.3, focusing on fixing routing issues to enhance stability and performance across networks
New version 8.5.3.

Summary

FRRouting is free software that manages TCP/IP based routing protocols. It takes

a multi-server and multi-threaded approach to resolve the current complexity

of the Internet.

FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

FRRouting is a fork of Quagga.

Update Information:

New version 8.5.3.

Topics%20covered

Topics Covered

security advisory update Fedora bug fix DoS routing daemon frr

Change Log

* Tue Oct 10 2023 Michal Ruprich - 8.5.3-1 - New version 8.5.3

References


[ 1 ] Bug #2230983 - CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router https://bugzilla.redhat.com/show_bug.cgi?id=2230983 [ 2 ] Bug #2235839 - CVE-2023-41358 frr: processes invalid NLRIs if attribute length is zero https://bugzilla.redhat.com/show_bug.cgi?id=2235839 [ 3 ] Bug #2235840 - CVE-2023-41359 frr: out of bounds read in bgp_attr_aigp_valid https://bugzilla.redhat.com/show_bug.cgi?id=2235840 [ 4 ] Bug #2235842 - CVE-2023-41360 frr: ahead-of-stream read of ORF header https://bugzilla.redhat.com/show_bug.cgi?id=2235842 [ 5 ] Bug #2237416 - CVE-2023-41909 frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c https://bugzilla.redhat.com/show_bug.cgi?id=2237416 [ 6 ] Bug #2238990 - CVE-2023-31489 frr: incorrect length check in bgp_capability_llgr() can lead do DoS https://bugzilla.redhat.com/show_bug.cgi?id=223899...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-61abba57d8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: frr
Product: Fedora 38
Version: 8.5.3
Release: 1.fc38
URL: https://www.frrouting.org/
Summary: Routing daemon

Topics%20covered

Topics Covered

security advisory update Fedora bug fix DoS routing daemon frr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here