SUSE-SU-2023:4663-1 -- SLES frr, libfrrcares0, libfrrfpm_pb0, libfrrospfapiclient0, libmlag_pb0, libfrrsnmp0, libfrr0, libfrr_pb0, libfrrzmq0
ID: oval:org.secpod.oval:def:89051217 | Date: (C)2024-01-23 (M)2024-04-29 |
Class: PATCH | Family: unix |
This update for frr fixes the following issues:
* CVE-2023-47235: Fixed denial of service when a malformed BGP UPDATE message with an EOR is processed.
* CVE-2023-47234: Fixed denial of service caused by a crafted BGP UPDATE message with an MP_UNREACH_NLRI attribute.
* CVE-2023-38407: Fixed read beyond the end of the stream during labeled unicast parsing.
* CVE-2023-38406: Fixed mishandling of an nlri length of zero, aka a "flowspec overflow".
Platform: |
SUSE Linux Enterprise Server 15 SP5 |
Product: |
frr |
libfrrcares0 |
libfrrfpm_pb0 |
libfrrospfapiclient0 |
libmlag_pb0 |
libfrrsnmp0 |
libfrr0 |
libfrr_pb0 |
libfrrzmq0 |