[ALSA-2024:0130] Moderate: frr security update
Type:
security
Severity:
moderate
Release date:
2024-01-16
Description:
FRRouting is free software that manages TCP/IP-based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

Security Fix(es):

* frr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* frr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 frr-7.5.1-13.el8_9.3.alma.1.aarch64.rpm 9318b860f712a3a204d1b4d83aca9e5ab66c604e112c01d0aa88a86cc5fa5565
noarch frr-selinux-7.5.1-13.el8_9.3.alma.1.noarch.rpm c97bf7f415118eb98568f3362220c1265a232c748fbda34dd4680b4757a0c67d
ppc64le frr-7.5.1-13.el8_9.3.alma.1.ppc64le.rpm c2e6b8f89c04c5eed4344c14df9f4e676a7900d1c40f8e572a729132943419b6
s390x frr-7.5.1-13.el8_9.3.alma.1.s390x.rpm bd66a457727c082ab4dc04052205f98ea99420ca21b6064e8eaeb3a7d5534615
x86_64 frr-7.5.1-13.el8_9.3.alma.1.x86_64.rpm ce0ad374455bbf66b23331fb9e63e1bcfadd393232b727c438bb9233086fbffd
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.