SUSE update for frr
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-27913 CVE-2024-31948 |
| CWE-ID | CWE-20 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Server Applications Module Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise Real Time 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system frr-debuginfo Operating systems & Components / Operating system package or component libfrrsnmp0 Operating systems & Components / Operating system package or component libfrr_pb0 Operating systems & Components / Operating system package or component libfrrospfapiclient0-debuginfo Operating systems & Components / Operating system package or component libfrrcares0 Operating systems & Components / Operating system package or component libfrrospfapiclient0 Operating systems & Components / Operating system package or component frr-devel Operating systems & Components / Operating system package or component libfrrcares0-debuginfo Operating systems & Components / Operating system package or component frr-debugsource Operating systems & Components / Operating system package or component libfrr0-debuginfo Operating systems & Components / Operating system package or component libfrrzmq0 Operating systems & Components / Operating system package or component libfrrfpm_pb0 Operating systems & Components / Operating system package or component libfrr_pb0-debuginfo Operating systems & Components / Operating system package or component libmlag_pb0-debuginfo Operating systems & Components / Operating system package or component libmlag_pb0 Operating systems & Components / Operating system package or component libfrrsnmp0-debuginfo Operating systems & Components / Operating system package or component libfrrzmq0-debuginfo Operating systems & Components / Operating system package or component frr Operating systems & Components / Operating system package or component libfrr0 Operating systems & Components / Operating system package or component libfrrfpm_pb0-debuginfo Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU101031
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27913
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of OSPF LSA packets within the ospf_te_parse_te() function in ospfd/ospf_te.c. A remote attacker can send specially crafted packets to the server and crash the ospfd daemon.
MitigationUpdate the affected package frr to the latest version.
Vulnerable software versionsServer Applications Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
frr-debuginfo: before 8.4-150500.4.20.1
libfrrsnmp0: before 8.4-150500.4.20.1
libfrr_pb0: before 8.4-150500.4.20.1
libfrrospfapiclient0-debuginfo: before 8.4-150500.4.20.1
libfrrcares0: before 8.4-150500.4.20.1
libfrrospfapiclient0: before 8.4-150500.4.20.1
frr-devel: before 8.4-150500.4.20.1
libfrrcares0-debuginfo: before 8.4-150500.4.20.1
frr-debugsource: before 8.4-150500.4.20.1
libfrr0-debuginfo: before 8.4-150500.4.20.1
libfrrzmq0: before 8.4-150500.4.20.1
libfrrfpm_pb0: before 8.4-150500.4.20.1
libfrr_pb0-debuginfo: before 8.4-150500.4.20.1
libmlag_pb0-debuginfo: before 8.4-150500.4.20.1
libmlag_pb0: before 8.4-150500.4.20.1
libfrrsnmp0-debuginfo: before 8.4-150500.4.20.1
libfrrzmq0-debuginfo: before 8.4-150500.4.20.1
frr: before 8.4-150500.4.20.1
libfrr0: before 8.4-150500.4.20.1
libfrrfpm_pb0-debuginfo: before 8.4-150500.4.20.1
CPE2.3- cpe:2.3:o:suse:server_applications_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:frr-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrsnmp0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrospfapiclient0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrcares0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrospfapiclient0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrcares0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrzmq0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrfpm_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libmlag_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libmlag_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrsnmp0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrzmq0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrfpm_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
http://www.suse.com/support/update/announcement/2024/suse-su-20241453-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU90721
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-31948
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when parsing Prefix SID attribute in a BGP UPDATE packet. A remote attacker can send specially crafted packets to the application, trigger memory corruption and crash the bgpd daemon.
Update the affected package frr to the latest version.
Vulnerable software versionsServer Applications Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise Real Time 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
frr-debuginfo: before 8.4-150500.4.20.1
libfrrsnmp0: before 8.4-150500.4.20.1
libfrr_pb0: before 8.4-150500.4.20.1
libfrrospfapiclient0-debuginfo: before 8.4-150500.4.20.1
libfrrcares0: before 8.4-150500.4.20.1
libfrrospfapiclient0: before 8.4-150500.4.20.1
frr-devel: before 8.4-150500.4.20.1
libfrrcares0-debuginfo: before 8.4-150500.4.20.1
frr-debugsource: before 8.4-150500.4.20.1
libfrr0-debuginfo: before 8.4-150500.4.20.1
libfrrzmq0: before 8.4-150500.4.20.1
libfrrfpm_pb0: before 8.4-150500.4.20.1
libfrr_pb0-debuginfo: before 8.4-150500.4.20.1
libmlag_pb0-debuginfo: before 8.4-150500.4.20.1
libmlag_pb0: before 8.4-150500.4.20.1
libfrrsnmp0-debuginfo: before 8.4-150500.4.20.1
libfrrzmq0-debuginfo: before 8.4-150500.4.20.1
frr: before 8.4-150500.4.20.1
libfrr0: before 8.4-150500.4.20.1
libfrrfpm_pb0-debuginfo: before 8.4-150500.4.20.1
CPE2.3- cpe:2.3:o:suse:server_applications_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_real_time_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:frr-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrsnmp0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrospfapiclient0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrcares0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrospfapiclient0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrcares0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr-debugsource:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrzmq0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrfpm_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libmlag_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libmlag_pb0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrsnmp0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrzmq0-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:frr:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrr0:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:libfrrfpm_pb0-debuginfo:*:*:*:*:*:suse_linux:*:*
http://www.suse.com/support/update/announcement/2024/suse-su-20241453-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
