ELSA-2024-2156

ULN >
Oracle Linux Errata repository >
ELSA-2024-2156

ELSA-2024-2156 - frr security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-02

Description

[8.5.3-4]
- Resolves: RHEL-14825 - crafted BGP UPDATE message leading to a crash

[8.5.3-3]
- Resolves: RHEL-14822 - mishandled malformed data leading to a crash

[8.5.3-2]
- Resolves: RHEL-15915 - crash from specially crafted MP_UNREACH_NLRI-containing BGP UPDATE message
- Resolves: RHEL-15918 - crash from malformed EOR-containing BGP UPDATE message

[8.5.3-1]
- Resolves: RHEL-15291 - Rebase FRR to version 8.5.3 in RHEL9

[8.3.1-12]
- Resolves: RHEL-3541 - Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	frr-8.5.3-4.el9.src.rpm	f11fa8310c40c7e7cd9bf93de53595109e50f2e5a61c30829aca303b57ed32cd	-	ol9_aarch64_appstream
	frr-8.5.3-4.el9.aarch64.rpm	af505d64def9de1f9953fa7ad4b853cd40dd8dc39a8a4ff7a92cf5c059501756	-	ol9_aarch64_appstream
	frr-selinux-8.5.3-4.el9.noarch.rpm	4b4a7c49921fcc70d6f17fc1b30840230d304bc9178749679e13de4d691cdc7e	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	frr-8.5.3-4.el9.src.rpm	f11fa8310c40c7e7cd9bf93de53595109e50f2e5a61c30829aca303b57ed32cd	-	ol9_x86_64_appstream
	frr-8.5.3-4.el9.x86_64.rpm	70aa7b6001bd6b40fe796aae10b0249f1cb970192ffc91e79fced7de46d8799c	-	ol9_x86_64_appstream
	frr-selinux-8.5.3-4.el9.noarch.rpm	4b4a7c49921fcc70d6f17fc1b30840230d304bc9178749679e13de4d691cdc7e	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691