It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41358)
It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41360)
It was discovered that FRR did not properly validate the attributes in the BGP FlowSpec functionality. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-41909)
{ "binaries": [ { "binary_name": "frr", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-dbgsym", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-doc", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-pythontools", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-rpki-rtrlib", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-rpki-rtrlib-dbgsym", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-snmp", "binary_version": "7.2.1-1ubuntu0.2+esm1" }, { "binary_name": "frr-snmp-dbgsym", "binary_version": "7.2.1-1ubuntu0.2+esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "binaries": [ { "binary_name": "frr", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-dbgsym", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-doc", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-pythontools", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-rpki-rtrlib", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-rpki-rtrlib-dbgsym", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-snmp", "binary_version": "8.1-1ubuntu1.6" }, { "binary_name": "frr-snmp-dbgsym", "binary_version": "8.1-1ubuntu1.6" } ], "availability": "No subscription required" }