diff options
| author | Zhang Peng <peng.zhang1.cn@windriver.com> | 2024-11-18 18:03:14 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2024-12-08 15:00:01 -0500 |
| commit | 84ebedfcf49db71129a0b101bf74ff083811a80d (patch) | |
| tree | e779a9c1522b1945c1ade34f89e463d936bd5ced /meta-python/recipes-devtools/python/python3-aiofiles_0.8.0.bb | |
| parent | feb37930707107748a31300acb5f30189b7232a3 (diff) | |
| download | meta-openembedded-84ebedfcf49db71129a0b101bf74ff083811a80d.tar.gz | |
frr: fix multiple CVEs
CVE-2024-27913:
ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1
allows remote attackers to cause a denial of service (ospfd daemon
crash) via a malformed OSPF LSA packet, because of an attempted
access to a missing attribute field.
CVE-2024-34088:
In FRRouting (FRR) through 9.1, it is possible for the get_edge()
function in ospf_te.c in the OSPF daemon to return a NULL pointer.
In cases where calling functions do not handle the returned NULL
value, the OSPF daemon crashes, leading to denial of service.
CVE-2024-31950:
In FRRouting (FRR) through 9.1, there can be a buffer overflow and
daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt
to read Segment Routing subTLVs (their size is not validated).
CVE-2024-31951:
In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1,
there can be a buffer overflow and daemon crash in
ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read
Segment Routing Adjacency SID subTLVs (lengths are not validated).
CVE-2024-31948:
In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID
attribute in a BGP UPDATE packet can cause the bgpd daemon to crash.
Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-27913]
[https://nvd.nist.gov/vuln/detail/CVE-2024-34088]
[https://nvd.nist.gov/vuln/detail/CVE-2024-31951]
[https://nvd.nist.gov/vuln/detail/CVE-2024-31950]
[https://nvd.nist.gov/vuln/detail/CVE-2024-31948]
Upstream patches:
[https://github.com/FRRouting/frr/commit/a73e66d07329d721f26f3f336f7735de420b0183]
[https://github.com/FRRouting/frr/commit/8c177d69e32b91b45bda5fc5da6511fa03dc11ca]
[https://github.com/FRRouting/frr/commit/5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a]
[https://github.com/FRRouting/frr/commit/f69d1313b19047d3d83fc2b36a518355b861dfc4]
[https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07]
[https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python3-aiofiles_0.8.0.bb')
0 files changed, 0 insertions, 0 deletions