-------------------------------------------------------------------------
Debian LTS Advisory DLA-3573-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Markus Koschany
September 19, 2023                            https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : frr
Version        : 7.5.1-1.1+deb10u1
CVE ID         : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681 
                 CVE-2023-31490 CVE-2023-38802 CVE-2023-41358 CVE-2023-41360 
                 CVE-2023-41361 CVE-2023-41909
Debian Bug     : 1035829 1036062

Multiple security vulnerabilities were found in frr, the FRRouting suite
of internet protocols. Maliciously constructed Border Gateway Protocol
(BGP) packages or corrupted tunnel attributes may cause a denial of service
(application crash) which could be exploited by a remote attacker.

For Debian 10 buster, these problems have been fixed in version
7.5.1-1.1+deb10u1.

We recommend that you upgrade your frr packages.

For the detailed security status of frr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/frr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-3573-1: frr security update

September 19, 2023
Multiple security vulnerabilities were found in frr, the FRRouting suite of internet protocols

Summary


Multiple security vulnerabilities were found in frr, the FRRouting suite
of internet protocols. Maliciously constructed Border Gateway Protocol
(BGP) packages or corrupted tunnel attributes may cause a denial of service
(application crash) which could be exploited by a remote attacker.

For Debian 10 buster, these problems have been fixed in version
7.5.1-1.1+deb10u1.

We recommend that you upgrade your frr packages.

For the detailed security status of frr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/frr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
Package : frr
Version : 7.5.1-1.1+deb10u1
CVE ID : CVE-2022-36440 CVE-2022-40302 CVE-2022-40318 CVE-2022-43681
Debian Bug : 1035829 1036062

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo