[ALSA-2024:0477] Moderate: frr security update
Type:
security
Severity:
moderate
Release date:
2024-01-25
Description:
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): * ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406) * ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407) * frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234) * frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 frr-8.3.1-11.el9_3.2.alma.1.aarch64.rpm 84e74be50eb983f3ea50234d4a2c903c9543160f00c675d2e5141d38403877a4
noarch frr-selinux-8.3.1-11.el9_3.2.alma.1.noarch.rpm 8160c36eea1ef7ad5822f3878e2c4208786dd99887b0e1526e97519743d5ad4d
ppc64le frr-8.3.1-11.el9_3.2.alma.1.ppc64le.rpm c502b6ae3ad84d82fef4abf061629e00b722c95346c1ef8a07830505493dbefb
s390x frr-8.3.1-11.el9_3.2.alma.1.s390x.rpm cbbdb09e7ee75f4d7acbd5dbcc5d8a8d8bf88134796478c6feb09c5c38415e91
x86_64 frr-8.3.1-11.el9_3.2.alma.1.x86_64.rpm 2d13386c6808c9e9b29e4ca2815d4a3caf281a8a1b1ceb1e3f82e5af13c11d27
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.