Fedora 39: 2023-514db5339e Critical: FRRouting DoS Issues - Update 8.5.3

November 15, 2023
FRRouting 8.5.3 is a new release that fixes urgent security vulnerabilities affecting Fedora 39. Apply the update immediately.

Summary

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet.

FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

FRRouting is a fork of Quagga.

Update Information:

New version 8.5.3.

Change Log

* Tue Oct 10 2023 Michal Ruprich - 8.5.3-1 - New version 8.5.3

References


[ 1 ] Bug #2230983 - CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router
      https://bugzilla.redhat.com/show_bug.cgi?id=2230983
[ 2 ] Bug #2235839 - CVE-2023-41358 frr: processes invalid NLRIs if attribute length is zero
      https://bugzilla.redhat.com/show_bug.cgi?id=2235839
[ 3 ] Bug #2235840 - CVE-2023-41359 frr: out of bounds read in bgp_attr_aigp_valid
      https://bugzilla.redhat.com/show_bug.cgi?id=2235840
[ 4 ] Bug #2235842 - CVE-2023-41360 frr: ahead-of-stream read of ORF header
      https://bugzilla.redhat.com/show_bug.cgi?id=2235842
[ 5 ] Bug #2237416 - CVE-2023-41909 frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c
      https://bugzilla.redhat.com/show_bug.cgi?id=2237416
[ 6 ] Bug #2238990 - CVE-2023-31489 frr: incorrect length check in bgp_capability_llgr() can lead do DoS
      https://bugzilla.redhat.com/show_bug.cgi?id=223899...

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-514db5339e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
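
A post-update check, given here as an added example that is not part of the advisory: it compares the installed frr version-release against the fixed build named in this advisory (8.5.3-1.fc39). The function names and the sample version strings are constructed for illustration, and GNU `sort -V` is assumed as a stand-in for RPM's own version comparison.

```shell
#!/bin/sh
# Added example: confirm the frr build from FEDORA-2023-514db5339e (or newer) is installed.
# FIXED_EVR is taken from the advisory's Version and Release fields.
FIXED_EVR="8.5.3-1.fc39"

# evr_at_least INSTALLED FIXED
# Returns 0 when INSTALLED sorts at or after FIXED.
# Assumption: `sort -V` ordering approximates RPM's version comparison, which is
# adequate for frr's plain numeric version-release strings (no epoch).
evr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# frr_status INSTALLED_EVR
# Prints one of: not-installed, vulnerable, patched
frr_status() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif evr_at_least "$1" "$FIXED_EVR"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# installed_frr_evr: query the RPM database; prints nothing if rpm or frr is absent.
installed_frr_evr() {
    command -v rpm >/dev/null 2>&1 || return 0
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' frr 2>/dev/null \
        | grep -v 'not installed' | head -n 1
}

# Constructed sample values, so the comparison can be seen without a Fedora host.
for sample in "8.5.2-4.fc39" "8.5.3-1.fc39" "8.5.10-1.fc39" ""; do
    printf '%-14s -> %s\n' "${sample:-<none>}" "$(frr_status "$sample")"
done

# On a real host: report the state of the locally installed package.
printf '%-14s -> %s\n' "this host" "$(frr_status "$(installed_frr_evr)")"
```

A host reporting "vulnerable" still runs a build older than the one this advisory ships; rerun the dnf command above and restart the frr service so the updated daemons are loaded.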

Severity
critical

Name: frr
Product: Fedora 39
Version: 8.5.3
Release: 1.fc39
Summary: Routing daemon
