SB2022031815 - SUSE update for frr

Main Vulnerability Database SB2022031815

SB2022031815 - SUSE update for frr

Published: March 18, 2022

Security Bulletin ID SB2022031815

Severity

High

Patch available

YES

Number of vulnerabilities 5

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2022-26125)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling packets within isisd/isis_tlvs.c. A remote attacker can send specially crafted packets to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Buffer overflow (CVE-ID: CVE-2022-26126)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in isis_nb_notifications.c. A remote attacker can pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

3) Buffer overflow (CVE-ID: CVE-2022-26127)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the babel_packet_examin() function in babeld/message.c. A remote attacker can pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

4) Buffer overflow (CVE-ID: CVE-2022-26128)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the babel_packet_examin() function in babeld/message.c. A remote attacker can send specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

5) Buffer overflow (CVE-ID: CVE-2022-26129)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the parse_hello_subtlv(), parse_ihu_subtlv(), and parse_update_subtlv() functions in babeld/message.c. A remote attacker can pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2022/suse-su-20220901-1/

Vulnerable Software

SUSE Linux Enterprise Server: 15-SP3-LTSS - 15-SP4
SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS - 15-SP4
SUSE Manager Server: 4.2
SUSE Manager Proxy: 4.2
SUSE Linux Enterprise Server for SAP Applications: 15-SP3 - 15-SP4
SUSE Linux Enterprise Module for Server Applications: 15-SP3 - 15-SP4
libmlag_pb0-debuginfo: before 7.4-150300.4.3.1
libmlag_pb0: before 7.4-150300.4.3.1
libfrrzmq0-debuginfo: before 7.4-150300.4.3.1
libfrrzmq0: before 7.4-150300.4.3.1
libfrrsnmp0-debuginfo: before 7.4-150300.4.3.1
libfrrsnmp0: before 7.4-150300.4.3.1
libfrrospfapiclient0-debuginfo: before 7.4-150300.4.3.1
libfrrospfapiclient0: before 7.4-150300.4.3.1
libfrrgrpc_pb0-debuginfo: before 7.4-150300.4.3.1
libfrrgrpc_pb0: before 7.4-150300.4.3.1
libfrrfpm_pb0-debuginfo: before 7.4-150300.4.3.1
libfrrfpm_pb0: before 7.4-150300.4.3.1
libfrrcares0-debuginfo: before 7.4-150300.4.3.1
libfrrcares0: before 7.4-150300.4.3.1
libfrr_pb0-debuginfo: before 7.4-150300.4.3.1
libfrr_pb0: before 7.4-150300.4.3.1
libfrr0-debuginfo: before 7.4-150300.4.3.1
libfrr0: before 7.4-150300.4.3.1
frr-devel: before 7.4-150300.4.3.1
frr-debugsource: before 7.4-150300.4.3.1
frr-debuginfo: before 7.4-150300.4.3.1
frr: before 7.4-150300.4.3.1