Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 40: 2024-1b36a483cc Critical: frr Buffer Length Issue

fedora
Calendar Grey September 19, 2024
Dist Fedora Esm H88
Red Hat 9.6 security notice: CVE-2024-45085 fixed. Patch addresses integer overflow vulnerability effectively.
Fix for CVE-2024-44070

Summary

FRRouting is free software that manages TCP/IP based routing protocols. It takes

a multi-server and multi-threaded approach to resolve the current complexity

of the Internet.

FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,

EIGRP and BFD.

FRRouting is a fork of Quagga.

Update Information:

Fix for CVE-2024-44070

Topics%20covered

Topics Covered

security advisory security update fedora software patch frr buffer length issue

Change Log

* Tue Sep 10 2024 Michal Ruprich - 9.1.1-2 - Resolves: #2305662 - Function bgpd/bgp_attr.c does not check the actual remaining stream length

References


[ 1 ] Bug #2305662 - CVE-2024-44070 frr: Function bgpd/bgp_attr.c does not check the actual remaining stream length [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2305662

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-1b36a483cc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: frr
Product: Fedora 40
Version: 9.1.1
Release: 2.fc40
URL: http://www.frrouting.org
Summary: Routing daemon

Topics%20covered

Topics Covered

security advisory security update fedora software patch frr buffer length issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here