Tuesday, November 21, 2023

[USN-6498-1] FRR vulnerabilities

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmVc2BgACgkQZWnYVadE
vpOlIBAAouScjr+qtc6ebHEiB4f7ZEACxZoFUGdnwu4A5WDmbNguZTIhVCI1FrYc
CKKlAAxHd3Ac3CB9KNvFWVP16TvcV3XctM+j9ueu9dxxhZaLwGOpWgPHhX7sfHH7
0MN+S7qDig4hT7KLuLeykaM0CxUXzT3zHPc4xYDXqpTmYFIB+eRYwcnrkNfv7nJU
ClMDOPqnBOtVC37DERX+m1eH2JfCqjemfdn8tbemL+HZPd9cf1ErBtz8ZUI8DHYn
p6j7qoqsJKmB8W2T7Igb/NK/wK3t7mRKke4h2GqEnbSEHE8zluaqw9JWiUvv+Wtf
Rjzl6qSq681hBbHUO5s68gGk4WxWdueIFzosEuexuIjFCCV0rfIvf5DPbUkzK6q2
yCtNxMYBY/apuxI0FkomFMJBBEdFFR4wyZzf6iU6KjlY8UGU/awCrzO633+ureBz
pRPI7L9oNPy9zLiGrhXm4M/AguypJ+Aq2auR79EtOcrQv2D9XkhuDYnbOs6z9mNK
RsLc7m013E8LPqwC/f++tRfLHcQ+8gJX0nguKTMOxuUDbUjejcxsG/TVERCinrAK
wS+gr7FzX+HktAqY1jrww5W2+by+dZjOfDokakjjvkOTksantk1nrWUuawiiq1C9
1qHIaSnQ6M5fqkvvmSqYaey3cT/m/1PgpDxVA4AFoBq+dRrgrd4=
=Xfci
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6498-1
November 21, 2023

frr vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in FRR.

Software Description:
- frr: FRRouting suite of internet protocols

Details:

It was discovered that FRR incorrectly handled certain BGP messages. A
remote attacker could possibly use this issue to cause FRR to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
frr 8.4.4-1.1ubuntu1.2

Ubuntu 23.04:
frr 8.4.2-1ubuntu1.6

Ubuntu 22.04 LTS:
frr 8.1-1ubuntu1.8

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6498-1
CVE-2023-38406, CVE-2023-38407, CVE-2023-47234, CVE-2023-47235

Package Information:
https://launchpad.net/ubuntu/+source/frr/8.4.4-1.1ubuntu1.2
https://launchpad.net/ubuntu/+source/frr/8.4.2-1ubuntu1.6
https://launchpad.net/ubuntu/+source/frr/8.1-1ubuntu1.8

No comments:

Post a Comment