Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-38407 (GCVE-0-2023-38407)
Vulnerability from cvelistv5 – Published: 2023-11-06 00:00 – Updated: 2025-11-04 16:10
VLAI
EPSS
Summary
bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "frrouting",
"vendor": "frrouting",
"versions": [
{
"lessThan": "8.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-38407",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T14:53:35.844035Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T20:28:40.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:10:15.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FRRouting/frr/pull/12956"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5"
},
{
"name": "[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-28T07:06:10.226Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"url": "https://github.com/FRRouting/frr/pull/12956"
},
{
"url": "https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5"
},
{
"name": "[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-38407",
"datePublished": "2023-11-06T00:00:00.000Z",
"dateReserved": "2023-07-17T00:00:00.000Z",
"dateUpdated": "2025-11-04T16:10:15.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-38407",
"date": "2026-06-06",
"epss": "0.00205",
"percentile": "0.42716"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"8.5\", \"matchCriteriaId\": \"AB0E7F12-AAE7-48DA-B684-585BA3188B28\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.\"}, {\"lang\": \"es\", \"value\": \"bgpd/bgp_label.c en FRRouting (FRR) antes de 8.5 intenta leer m\\u00e1s all\\u00e1 del final de la secuencia durante el an\\u00e1lisis de unicast etiquetado.\"}]",
"id": "CVE-2023-38407",
"lastModified": "2024-11-21T08:13:30.293",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2023-11-06T06:15:40.907",
"references": "[{\"url\": \"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/FRRouting/frr/pull/12951\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/FRRouting/frr/pull/12956\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/FRRouting/frr/pull/12951\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/FRRouting/frr/pull/12956\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-38407\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-11-06T06:15:40.907\",\"lastModified\":\"2025-11-04T17:15:37.820\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.\"},{\"lang\":\"es\",\"value\":\"bgpd/bgp_label.c en FRRouting (FRR) antes de 8.5 intenta leer m\u00e1s all\u00e1 del final de la secuencia durante el an\u00e1lisis de unicast etiquetado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.5\",\"matchCriteriaId\":\"AB0E7F12-AAE7-48DA-B684-585BA3188B28\"}]}]}],\"references\":[{\"url\":\"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FRRouting/frr/pull/12951\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FRRouting/frr/pull/12956\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FRRouting/frr/pull/12951\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FRRouting/frr/pull/12956\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/FRRouting/frr/pull/12951\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/FRRouting/frr/pull/12956\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\", \"name\": \"[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00007.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T16:10:15.810Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-38407\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-01T14:53:35.844035Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:frrouting:frrouting:*:*:*:*:*:*:*:*\"], \"vendor\": \"frrouting\", \"product\": \"frrouting\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.5\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-01T15:08:37.484Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/FRRouting/frr/pull/12951\"}, {\"url\": \"https://github.com/FRRouting/frr/pull/12956\"}, {\"url\": \"https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html\", \"name\": \"[debian-lts-announce] 20240428 [SECURITY] [DLA 3797-1] frr security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-04-28T07:06:10.226Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-38407\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T16:10:15.810Z\", \"dateReserved\": \"2023-07-17T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-11-06T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2024:1093
Vulnerability from csaf_redhat - Published: 2024-03-05 08:23 - Updated: 2026-03-18 02:33Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1093",
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1093.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2026-03-18T02:33:03+00:00",
"generator": {
"date": "2026-03-18T02:33:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:1093",
"initial_release_date": "2024-03-05T08:23:20+00:00",
"revision_history": [
{
"date": "2024-03-05T08:23:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T08:23:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:33:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.src",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.src",
"product_id": "frr-0:8.3.1-5.el9_2.4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product": {
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product_id": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-selinux@8.3.1-5.el9_2.4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
},
"product_reference": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024:1113
Vulnerability from csaf_redhat - Published: 2024-03-05 15:10 - Updated: 2026-03-18 02:33Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
Bug Fix(es):
* Zebra not fetching host routes (RHEL-24695)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nBug Fix(es):\n\n* Zebra not fetching host routes (RHEL-24695)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1113",
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1113.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2026-03-18T02:33:03+00:00",
"generator": {
"date": "2026-03-18T02:33:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:1113",
"initial_release_date": "2024-03-05T15:10:22+00:00",
"revision_history": [
{
"date": "2024-03-05T15:10:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T15:10:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:33:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.src",
"product": {
"name": "frr-0:7.5-11.el8_6.7.src",
"product_id": "frr-0:7.5-11.el8_6.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src"
},
"product_reference": "frr-0:7.5-11.el8_6.7.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024:1152
Vulnerability from csaf_redhat - Published: 2024-03-05 18:05 - Updated: 2026-03-18 02:33Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1152",
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1152.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2026-03-18T02:33:03+00:00",
"generator": {
"date": "2026-03-18T02:33:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:1152",
"initial_release_date": "2024-03-05T18:05:37+00:00",
"revision_history": [
{
"date": "2024-03-05T18:05:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T18:05:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:33:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.src",
"product": {
"name": "frr-0:8.0-5.el9_0.3.src",
"product_id": "frr-0:8.0-5.el9_0.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src"
},
"product_reference": "frr-0:8.0-5.el9_0.3.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_0130
Vulnerability from csaf_redhat - Published: 2024-01-10 11:33 - Updated: 2024-11-23 02:11Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0130",
"url": "https://access.redhat.com/errata/RHSA-2024:0130"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/index"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0130.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:11:38+00:00",
"generator": {
"date": "2024-11-23T02:11:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0130",
"initial_release_date": "2024-01-10T11:33:01+00:00",
"revision_history": [
{
"date": "2024-01-10T11:33:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-10T11:33:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:11:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-13.el8_9.3.src",
"product": {
"name": "frr-0:7.5.1-13.el8_9.3.src",
"product_id": "frr-0:7.5.1-13.el8_9.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-13.el8_9.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-13.el8_9.3.aarch64",
"product": {
"name": "frr-0:7.5.1-13.el8_9.3.aarch64",
"product_id": "frr-0:7.5.1-13.el8_9.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-13.el8_9.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"product": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"product_id": "frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-13.el8_9.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"product": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"product_id": "frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-13.el8_9.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-13.el8_9.3.ppc64le",
"product": {
"name": "frr-0:7.5.1-13.el8_9.3.ppc64le",
"product_id": "frr-0:7.5.1-13.el8_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-13.el8_9.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"product": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"product_id": "frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-13.el8_9.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"product": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"product_id": "frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-13.el8_9.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-13.el8_9.3.x86_64",
"product": {
"name": "frr-0:7.5.1-13.el8_9.3.x86_64",
"product_id": "frr-0:7.5.1-13.el8_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-13.el8_9.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"product": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"product_id": "frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-13.el8_9.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"product": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"product_id": "frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-13.el8_9.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-13.el8_9.3.s390x",
"product": {
"name": "frr-0:7.5.1-13.el8_9.3.s390x",
"product_id": "frr-0:7.5.1-13.el8_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-13.el8_9.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"product": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"product_id": "frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-13.el8_9.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"product": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"product_id": "frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-13.el8_9.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-selinux-0:7.5.1-13.el8_9.3.noarch",
"product": {
"name": "frr-selinux-0:7.5.1-13.el8_9.3.noarch",
"product_id": "frr-selinux-0:7.5.1-13.el8_9.3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-selinux@7.5.1-13.el8_9.3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-13.el8_9.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64"
},
"product_reference": "frr-0:7.5.1-13.el8_9.3.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-13.el8_9.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le"
},
"product_reference": "frr-0:7.5.1-13.el8_9.3.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-13.el8_9.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x"
},
"product_reference": "frr-0:7.5.1-13.el8_9.3.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-13.el8_9.3.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src"
},
"product_reference": "frr-0:7.5.1-13.el8_9.3.src",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-13.el8_9.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64"
},
"product_reference": "frr-0:7.5.1-13.el8_9.3.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64"
},
"product_reference": "frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le"
},
"product_reference": "frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x"
},
"product_reference": "frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64"
},
"product_reference": "frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64"
},
"product_reference": "frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le"
},
"product_reference": "frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x"
},
"product_reference": "frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-13.el8_9.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64"
},
"product_reference": "frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-selinux-0:7.5.1-13.el8_9.3.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
},
"product_reference": "frr-selinux-0:7.5.1-13.el8_9.3.noarch",
"relates_to_product_reference": "AppStream-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-10T11:33:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0130"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-10T11:33:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0130"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-10T11:33:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0130"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-10T11:33:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0130"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.src",
"AppStream-8.9.0.Z.MAIN:frr-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debuginfo-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.aarch64",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.ppc64le",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.s390x",
"AppStream-8.9.0.Z.MAIN:frr-debugsource-0:7.5.1-13.el8_9.3.x86_64",
"AppStream-8.9.0.Z.MAIN:frr-selinux-0:7.5.1-13.el8_9.3.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_0477
Vulnerability from csaf_redhat - Published: 2024-01-25 10:51 - Updated: 2024-11-23 02:11Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0477",
"url": "https://access.redhat.com/errata/RHSA-2024:0477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0477.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:11:49+00:00",
"generator": {
"date": "2024-11-23T02:11:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0477",
"initial_release_date": "2024-01-25T10:51:39+00:00",
"revision_history": [
{
"date": "2024-01-25T10:51:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-25T10:51:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:11:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-11.el9_3.2.src",
"product": {
"name": "frr-0:8.3.1-11.el9_3.2.src",
"product_id": "frr-0:8.3.1-11.el9_3.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-11.el9_3.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-11.el9_3.2.aarch64",
"product": {
"name": "frr-0:8.3.1-11.el9_3.2.aarch64",
"product_id": "frr-0:8.3.1-11.el9_3.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-11.el9_3.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"product": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"product_id": "frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-11.el9_3.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"product": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"product_id": "frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-11.el9_3.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-11.el9_3.2.ppc64le",
"product": {
"name": "frr-0:8.3.1-11.el9_3.2.ppc64le",
"product_id": "frr-0:8.3.1-11.el9_3.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-11.el9_3.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"product": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"product_id": "frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-11.el9_3.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"product": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"product_id": "frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-11.el9_3.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-11.el9_3.2.x86_64",
"product": {
"name": "frr-0:8.3.1-11.el9_3.2.x86_64",
"product_id": "frr-0:8.3.1-11.el9_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-11.el9_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"product": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"product_id": "frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-11.el9_3.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"product": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"product_id": "frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-11.el9_3.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-11.el9_3.2.s390x",
"product": {
"name": "frr-0:8.3.1-11.el9_3.2.s390x",
"product_id": "frr-0:8.3.1-11.el9_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-11.el9_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"product": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"product_id": "frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-11.el9_3.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"product": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"product_id": "frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-11.el9_3.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-selinux-0:8.3.1-11.el9_3.2.noarch",
"product": {
"name": "frr-selinux-0:8.3.1-11.el9_3.2.noarch",
"product_id": "frr-selinux-0:8.3.1-11.el9_3.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-selinux@8.3.1-11.el9_3.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-11.el9_3.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64"
},
"product_reference": "frr-0:8.3.1-11.el9_3.2.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-11.el9_3.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le"
},
"product_reference": "frr-0:8.3.1-11.el9_3.2.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-11.el9_3.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x"
},
"product_reference": "frr-0:8.3.1-11.el9_3.2.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-11.el9_3.2.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src"
},
"product_reference": "frr-0:8.3.1-11.el9_3.2.src",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-11.el9_3.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64"
},
"product_reference": "frr-0:8.3.1-11.el9_3.2.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64"
},
"product_reference": "frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le"
},
"product_reference": "frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x"
},
"product_reference": "frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64"
},
"product_reference": "frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64"
},
"product_reference": "frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le"
},
"product_reference": "frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x"
},
"product_reference": "frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-11.el9_3.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64"
},
"product_reference": "frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-selinux-0:8.3.1-11.el9_3.2.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
},
"product_reference": "frr-selinux-0:8.3.1-11.el9_3.2.noarch",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T10:51:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0477"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T10:51:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0477"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T10:51:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0477"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-25T10:51:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0477"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.src",
"AppStream-9.3.0.Z.MAIN:frr-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debuginfo-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.aarch64",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.ppc64le",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.s390x",
"AppStream-9.3.0.Z.MAIN:frr-debugsource-0:8.3.1-11.el9_3.2.x86_64",
"AppStream-9.3.0.Z.MAIN:frr-selinux-0:8.3.1-11.el9_3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_0574
Vulnerability from csaf_redhat - Published: 2024-01-30 13:24 - Updated: 2024-11-23 02:12Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0574",
"url": "https://access.redhat.com/errata/RHSA-2024:0574"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0574.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:12:00+00:00",
"generator": {
"date": "2024-11-23T02:12:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0574",
"initial_release_date": "2024-01-30T13:24:13+00:00",
"revision_history": [
{
"date": "2024-01-30T13:24:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-30T13:24:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:12:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-7.el8_8.5.src",
"product": {
"name": "frr-0:7.5.1-7.el8_8.5.src",
"product_id": "frr-0:7.5.1-7.el8_8.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-7.el8_8.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-7.el8_8.5.aarch64",
"product": {
"name": "frr-0:7.5.1-7.el8_8.5.aarch64",
"product_id": "frr-0:7.5.1-7.el8_8.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-7.el8_8.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"product": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"product_id": "frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-7.el8_8.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"product": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"product_id": "frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-7.el8_8.5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-7.el8_8.5.ppc64le",
"product": {
"name": "frr-0:7.5.1-7.el8_8.5.ppc64le",
"product_id": "frr-0:7.5.1-7.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-7.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"product": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"product_id": "frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-7.el8_8.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"product": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"product_id": "frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-7.el8_8.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-7.el8_8.5.x86_64",
"product": {
"name": "frr-0:7.5.1-7.el8_8.5.x86_64",
"product_id": "frr-0:7.5.1-7.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-7.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"product": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"product_id": "frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-7.el8_8.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"product": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"product_id": "frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-7.el8_8.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5.1-7.el8_8.5.s390x",
"product": {
"name": "frr-0:7.5.1-7.el8_8.5.s390x",
"product_id": "frr-0:7.5.1-7.el8_8.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5.1-7.el8_8.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"product": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"product_id": "frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5.1-7.el8_8.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"product": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"product_id": "frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5.1-7.el8_8.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-selinux-0:7.5.1-7.el8_8.5.noarch",
"product": {
"name": "frr-selinux-0:7.5.1-7.el8_8.5.noarch",
"product_id": "frr-selinux-0:7.5.1-7.el8_8.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-selinux@7.5.1-7.el8_8.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-7.el8_8.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64"
},
"product_reference": "frr-0:7.5.1-7.el8_8.5.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-7.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le"
},
"product_reference": "frr-0:7.5.1-7.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-7.el8_8.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x"
},
"product_reference": "frr-0:7.5.1-7.el8_8.5.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-7.el8_8.5.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src"
},
"product_reference": "frr-0:7.5.1-7.el8_8.5.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5.1-7.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64"
},
"product_reference": "frr-0:7.5.1-7.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64"
},
"product_reference": "frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le"
},
"product_reference": "frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x"
},
"product_reference": "frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64"
},
"product_reference": "frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64"
},
"product_reference": "frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le"
},
"product_reference": "frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x"
},
"product_reference": "frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5.1-7.el8_8.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64"
},
"product_reference": "frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-selinux-0:7.5.1-7.el8_8.5.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
},
"product_reference": "frr-selinux-0:7.5.1-7.el8_8.5.noarch",
"relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:24:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:24:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:24:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-30T13:24:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0574"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.src",
"AppStream-8.8.0.Z.EUS:frr-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debuginfo-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.aarch64",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.ppc64le",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.s390x",
"AppStream-8.8.0.Z.EUS:frr-debugsource-0:7.5.1-7.el8_8.5.x86_64",
"AppStream-8.8.0.Z.EUS:frr-selinux-0:7.5.1-7.el8_8.5.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_1093
Vulnerability from csaf_redhat - Published: 2024-03-05 08:23 - Updated: 2024-11-23 02:12Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1093",
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1093.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:12:11+00:00",
"generator": {
"date": "2024-11-23T02:12:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:1093",
"initial_release_date": "2024-03-05T08:23:20+00:00",
"revision_history": [
{
"date": "2024-03-05T08:23:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T08:23:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:12:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.src",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.src",
"product_id": "frr-0:8.3.1-5.el9_2.4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.3.1-5.el9_2.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.3.1-5.el9_2.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product_id": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.3.1-5.el9_2.4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product": {
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product_id": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-selinux@8.3.1-5.el9_2.4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64"
},
"product_reference": "frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-selinux-0:8.3.1-5.el9_2.4.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
"product_id": "AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
},
"product_reference": "frr-selinux-0:8.3.1-5.el9_2.4.noarch",
"relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T08:23:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1093"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.src",
"AppStream-9.2.0.Z.EUS:frr-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debuginfo-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.aarch64",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.ppc64le",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.s390x",
"AppStream-9.2.0.Z.EUS:frr-debugsource-0:8.3.1-5.el9_2.4.x86_64",
"AppStream-9.2.0.Z.EUS:frr-selinux-0:8.3.1-5.el9_2.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_1113
Vulnerability from csaf_redhat - Published: 2024-03-05 15:10 - Updated: 2024-11-23 02:12Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
Bug Fix(es):
* Zebra not fetching host routes (RHEL-24695)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nBug Fix(es):\n\n* Zebra not fetching host routes (RHEL-24695)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1113",
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1113.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:12:21+00:00",
"generator": {
"date": "2024-11-23T02:12:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:1113",
"initial_release_date": "2024-03-05T15:10:22+00:00",
"revision_history": [
{
"date": "2024-03-05T15:10:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T15:10:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:12:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.src",
"product": {
"name": "frr-0:7.5-11.el8_6.7.src",
"product_id": "frr-0:7.5-11.el8_6.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@7.5-11.el8_6.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@7.5-11.el8_6.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product_id": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@7.5-11.el8_6.7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src"
},
"product_reference": "frr-0:7.5-11.el8_6.7.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:7.5-11.el8_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
},
"product_reference": "frr-debugsource-0:7.5-11.el8_6.7.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T15:10:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.src",
"AppStream-8.6.0.Z.EUS:frr-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debuginfo-0:7.5-11.el8_6.7.x86_64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.aarch64",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.ppc64le",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.s390x",
"AppStream-8.6.0.Z.EUS:frr-debugsource-0:7.5-11.el8_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
RHSA-2024_1152
Vulnerability from csaf_redhat - Published: 2024-03-05 18:05 - Updated: 2024-11-23 02:12Summary
Red Hat Security Advisory: frr security update
Severity
Moderate
Notes
Topic: An update for frr is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)
* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)
* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)
* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.
7.5 (High)
Affected products
Fixed
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for frr is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. \n\nSecurity Fix(es):\n\n* ffr: Flowspec overflow in bgpd/bgp_flowspec.c (CVE-2023-38406)\n\n* ffr: Out of bounds read in bgpd/bgp_label.c (CVE-2023-38407)\n\n* frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message (CVE-2023-47234)\n\n* frr: crash from malformed EOR-containing BGP UPDATE message (CVE-2023-47235)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1152",
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1152.json"
}
],
"title": "Red Hat Security Advisory: frr security update",
"tracking": {
"current_release_date": "2024-11-23T02:12:31+00:00",
"generator": {
"date": "2024-11-23T02:12:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:1152",
"initial_release_date": "2024-03-05T18:05:37+00:00",
"revision_history": [
{
"date": "2024-03-05T18:05:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T18:05:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-23T02:12:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.src",
"product": {
"name": "frr-0:8.0-5.el9_0.3.src",
"product_id": "frr-0:8.0-5.el9_0.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr@8.0-5.el9_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debugsource@8.0-5.el9_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product_id": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/frr-debuginfo@8.0-5.el9_0.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src"
},
"product_reference": "frr-0:8.0-5.el9_0.3.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-debugsource-0:8.0-5.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)",
"product_id": "AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
},
"product_reference": "frr-debugsource-0:8.0-5.el9_0.3.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248526"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in bgpd/bgp_flowspec.c in the FFrouting BGP protocol code. An overflow may occur while processing zero length NLRI messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "RHBZ#2248526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248526"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38406"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12884",
"url": "https://github.com/FRRouting/frr/pull/12884"
}
],
"release_date": "2023-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Flowspec overflow in bgpd/bgp_flowspec.c"
},
{
"cve": "CVE-2023-38407",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248528"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds read flaw was found in FFrounting beyond the end of the stream during labeled unicast parsing. This issue may lead to application crash and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ffr: Out of bounds read in bgpd/bgp_label.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "RHBZ#2248528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-38407",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38407"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38407"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12951",
"url": "https://github.com/FRRouting/frr/pull/12951"
},
{
"category": "external",
"summary": "https://github.com/FRRouting/frr/pull/12956",
"url": "https://github.com/FRRouting/frr/pull/12956"
}
],
"release_date": "2023-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ffr: Out of bounds read in bgpd/bgp_label.c"
},
{
"cve": "CVE-2023-47234",
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248208"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in frr. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data that lacks mandatory path attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform does not ship its own version of the frr package, instead using the version from the underlying Red Hat Enterprise Linux. RHOSP is marked as Not Affected as no changes need to be made by the OpenStack engineering team. System administrators of OpenStack deployments should apply updates once available in RHEL.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "RHBZ#2248208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47234"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message"
},
{
"cve": "CVE-2023-47235",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-11-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2248207"
}
],
"notes": [
{
"category": "description",
"text": "An issue was found in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "frr: crash from malformed EOR-containing BGP UPDATE message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A moderate severity issue has been identified in FRRouting FRR, where a crash may occur when processing a malformed BGP UPDATE message with an EOR. It\u0027s important to note that Red Hat OpenStack Platform (RHOSP) is not directly affected, as it utilises the version from the underlying Red Hat Enterprise Linux and is marked as Not Affected, with no changes required by the OpenStack engineering team. However, system administrators of OpenStack deployments are advised to apply updates once available in RHEL to mitigate potential risks. Additionally, this flaw is discovered through fuzzing, where, in normal cases, such packets cannot exist.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "RHBZ#2248207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-47235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47235"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47235"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:05:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1152"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.src",
"AppStream-9.0.0.Z.EUS:frr-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debuginfo-0:8.0-5.el9_0.3.x86_64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.aarch64",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.ppc64le",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.s390x",
"AppStream-9.0.0.Z.EUS:frr-debugsource-0:8.0-5.el9_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "frr: crash from malformed EOR-containing BGP UPDATE message"
}
]
}
SUSE-SU-2023:4663-1
Vulnerability from csaf_suse - Published: 2023-12-06 12:27 - Updated: 2023-12-06 12:27Summary
Security update for frr
Severity
Important
Notes
Title of the patch: Security update for frr
Description of the patch: This update for frr fixes the following issues:
- CVE-2023-47235: Fixed denial of service caused by malformed BGP UPDATE message with an EOR is processed (bsc#1216896).
- CVE-2023-47234: Fixed denial of service caused by crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute (bsc#1216897).
- CVE-2023-38407: Fixed read beyond the end of the stream during labeled unicast parsing (bsc#1216899).
- CVE-2023-38406: Fixed mishandling of nlri length of zero, aka a 'flowspec overflow (bsc#1216900).
Patchnames: SUSE-2023-4663,SUSE-SLE-Module-Server-Applications-15-SP5-2023-4663,openSUSE-SLE-15.5-2023-4663
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for frr",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for frr fixes the following issues:\n\n- CVE-2023-47235: Fixed denial of service caused by malformed BGP UPDATE message with an EOR is processed (bsc#1216896).\n- CVE-2023-47234: Fixed denial of service caused by crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute (bsc#1216897).\n- CVE-2023-38407: Fixed read beyond the end of the stream during labeled unicast parsing (bsc#1216899).\n- CVE-2023-38406: Fixed mishandling of nlri length of zero, aka a \u0027flowspec overflow (bsc#1216900).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4663,SUSE-SLE-Module-Server-Applications-15-SP5-2023-4663,openSUSE-SLE-15.5-2023-4663",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4663-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4663-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234663-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4663-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017287.html"
},
{
"category": "self",
"summary": "SUSE Bug 1216896",
"url": "https://bugzilla.suse.com/1216896"
},
{
"category": "self",
"summary": "SUSE Bug 1216897",
"url": "https://bugzilla.suse.com/1216897"
},
{
"category": "self",
"summary": "SUSE Bug 1216899",
"url": "https://bugzilla.suse.com/1216899"
},
{
"category": "self",
"summary": "SUSE Bug 1216900",
"url": "https://bugzilla.suse.com/1216900"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38406 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38407 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47234 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47235 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47235/"
}
],
"title": "Security update for frr",
"tracking": {
"current_release_date": "2023-12-06T12:27:39Z",
"generator": {
"date": "2023-12-06T12:27:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4663-1",
"initial_release_date": "2023-12-06T12:27:39Z",
"revision_history": [
{
"date": "2023-12-06T12:27:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "frr-8.4-150500.4.15.1.aarch64",
"product": {
"name": "frr-8.4-150500.4.15.1.aarch64",
"product_id": "frr-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "frr-devel-8.4-150500.4.15.1.aarch64",
"product": {
"name": "frr-devel-8.4-150500.4.15.1.aarch64",
"product_id": "frr-devel-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrr0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrr0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrr0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrr_pb0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrr_pb0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrr_pb0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrrcares0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrrcares0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrrcares0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrrsnmp0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfrrzmq0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libfrrzmq0-8.4-150500.4.15.1.aarch64",
"product_id": "libfrrzmq0-8.4-150500.4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmlag_pb0-8.4-150500.4.15.1.aarch64",
"product": {
"name": "libmlag_pb0-8.4-150500.4.15.1.aarch64",
"product_id": "libmlag_pb0-8.4-150500.4.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-8.4-150500.4.15.1.i586",
"product": {
"name": "frr-8.4-150500.4.15.1.i586",
"product_id": "frr-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "frr-devel-8.4-150500.4.15.1.i586",
"product": {
"name": "frr-devel-8.4-150500.4.15.1.i586",
"product_id": "frr-devel-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrr0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrr0-8.4-150500.4.15.1.i586",
"product_id": "libfrr0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrr_pb0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrr_pb0-8.4-150500.4.15.1.i586",
"product_id": "libfrr_pb0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrrcares0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrrcares0-8.4-150500.4.15.1.i586",
"product_id": "libfrrcares0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.i586",
"product_id": "libfrrfpm_pb0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.i586",
"product_id": "libfrrospfapiclient0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrrsnmp0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.i586",
"product_id": "libfrrsnmp0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libfrrzmq0-8.4-150500.4.15.1.i586",
"product": {
"name": "libfrrzmq0-8.4-150500.4.15.1.i586",
"product_id": "libfrrzmq0-8.4-150500.4.15.1.i586"
}
},
{
"category": "product_version",
"name": "libmlag_pb0-8.4-150500.4.15.1.i586",
"product": {
"name": "libmlag_pb0-8.4-150500.4.15.1.i586",
"product_id": "libmlag_pb0-8.4-150500.4.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "frr-8.4-150500.4.15.1.ppc64le",
"product_id": "frr-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "frr-devel-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "frr-devel-8.4-150500.4.15.1.ppc64le",
"product_id": "frr-devel-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrr0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrr0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrr0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrr_pb0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrrcares0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrrcares0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrrcares0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"product_id": "libfrrzmq0-8.4-150500.4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"product": {
"name": "libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"product_id": "libmlag_pb0-8.4-150500.4.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-8.4-150500.4.15.1.s390x",
"product": {
"name": "frr-8.4-150500.4.15.1.s390x",
"product_id": "frr-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "frr-devel-8.4-150500.4.15.1.s390x",
"product": {
"name": "frr-devel-8.4-150500.4.15.1.s390x",
"product_id": "frr-devel-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrr0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrr0-8.4-150500.4.15.1.s390x",
"product_id": "libfrr0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrr_pb0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrr_pb0-8.4-150500.4.15.1.s390x",
"product_id": "libfrr_pb0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrrcares0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrrcares0-8.4-150500.4.15.1.s390x",
"product_id": "libfrrcares0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"product_id": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"product_id": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrrsnmp0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.s390x",
"product_id": "libfrrsnmp0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libfrrzmq0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libfrrzmq0-8.4-150500.4.15.1.s390x",
"product_id": "libfrrzmq0-8.4-150500.4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "libmlag_pb0-8.4-150500.4.15.1.s390x",
"product": {
"name": "libmlag_pb0-8.4-150500.4.15.1.s390x",
"product_id": "libmlag_pb0-8.4-150500.4.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "frr-8.4-150500.4.15.1.x86_64",
"product": {
"name": "frr-8.4-150500.4.15.1.x86_64",
"product_id": "frr-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "frr-devel-8.4-150500.4.15.1.x86_64",
"product": {
"name": "frr-devel-8.4-150500.4.15.1.x86_64",
"product_id": "frr-devel-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrr0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrr0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrr0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrr_pb0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrr_pb0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrr_pb0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrrcares0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrrcares0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrrcares0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrrsnmp0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfrrzmq0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libfrrzmq0-8.4-150500.4.15.1.x86_64",
"product_id": "libfrrzmq0-8.4-150500.4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmlag_pb0-8.4-150500.4.15.1.x86_64",
"product": {
"name": "libmlag_pb0-8.4-150500.4.15.1.x86_64",
"product_id": "libmlag_pb0-8.4-150500.4.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64"
},
"product_reference": "frr-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "frr-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x"
},
"product_reference": "frr-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64"
},
"product_reference": "frr-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64"
},
"product_reference": "frr-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "frr-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x"
},
"product_reference": "frr-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64"
},
"product_reference": "frr-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "frr-devel-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64"
},
"product_reference": "frr-devel-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrr0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrr_pb0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrr_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrcares0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrcares0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrsnmp0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfrrzmq0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libfrrzmq0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmlag_pb0-8.4-150500.4.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
},
"product_reference": "libmlag_pb0-8.4-150500.4.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-38406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38406"
}
],
"notes": [
{
"category": "general",
"text": "bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a \"flowspec overflow.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38406",
"url": "https://www.suse.com/security/cve/CVE-2023-38406"
},
{
"category": "external",
"summary": "SUSE Bug 1216900 for CVE-2023-38406",
"url": "https://bugzilla.suse.com/1216900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:27:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-38406"
},
{
"cve": "CVE-2023-38407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38407"
}
],
"notes": [
{
"category": "general",
"text": "bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38407",
"url": "https://www.suse.com/security/cve/CVE-2023-38407"
},
{
"category": "external",
"summary": "SUSE Bug 1216899 for CVE-2023-38407",
"url": "https://bugzilla.suse.com/1216899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:27:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-38407"
},
{
"cve": "CVE-2023-47234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47234"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47234",
"url": "https://www.suse.com/security/cve/CVE-2023-47234"
},
{
"category": "external",
"summary": "SUSE Bug 1216897 for CVE-2023-47234",
"url": "https://bugzilla.suse.com/1216897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:27:39Z",
"details": "important"
}
],
"title": "CVE-2023-47234"
},
{
"cve": "CVE-2023-47235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47235"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47235",
"url": "https://www.suse.com/security/cve/CVE-2023-47235"
},
{
"category": "external",
"summary": "SUSE Bug 1216896 for CVE-2023-47235",
"url": "https://bugzilla.suse.com/1216896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:frr-devel-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:libmlag_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:frr-devel-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrr_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrcares0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrfpm_pb0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrospfapiclient0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrsnmp0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libfrrzmq0-8.4-150500.4.15.1.x86_64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.aarch64",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.ppc64le",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.s390x",
"openSUSE Leap 15.5:libmlag_pb0-8.4-150500.4.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-06T12:27:39Z",
"details": "important"
}
],
"title": "CVE-2023-47235"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…