USN-6323-1: FRR vulnerability
31 August 2023
FRR could be made to close sessions if it received speacially crafted network traffic.
Releases
Packages
- frr - FRRouting suite of internet protocols
Details
Ben Cartwright-Cox discovered that FRR did not handle RFC 7606
attributes properly. A remote attacker could possibly use this to
cause denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04
Ubuntu 22.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6136-1: frr-snmp, frr-pythontools, frr-doc, frr, frr-rpki-rtrlib
- USN-6807-1: frr-snmp, frr-pythontools, frr-doc, frr, frr-rpki-rtrlib