SUSE-SU-2024:4090-1: important: Security update for frr
SLE-SECURITY-UPDATES
null at suse.de
Thu Nov 28 08:30:02 UTC 2024
# Security update for frr
Announcement ID: SUSE-SU-2024:4090-1
Release Date: 2024-11-28T07:58:02Z
Rating: important
References:
* jsc#PED-11092
Cross-References:
* CVE-2023-31489
* CVE-2023-31490
* CVE-2023-3748
* CVE-2023-38406
* CVE-2023-38407
* CVE-2023-38802
* CVE-2023-41358
* CVE-2023-41360
* CVE-2023-41909
* CVE-2023-46752
* CVE-2023-46753
* CVE-2023-47234
* CVE-2023-47235
* CVE-2024-27913
* CVE-2024-31948
* CVE-2024-31950
* CVE-2024-31951
* CVE-2024-34088
* CVE-2024-44070
CVSS scores:
* CVE-2023-31489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-31489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-31490 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31490 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3748 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3748 ( NVD ): 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-38406 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-38406 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-38407 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-38407 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-38802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-38802 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-41358 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-41358 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-41360 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-41360 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-41360 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-41909 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-41909 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46752 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46752 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46753 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46753 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47234 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47234 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47235 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47235 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27913 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31950 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-31951 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-31951 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34088 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44070 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Server Applications Module 15-SP5
* Server Applications Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves 19 vulnerabilities and contains one feature can now be
installed.
## Description:
This update for frr fixes the following issues:
Update to frr 8.5.6 (jsc#PED-PED-11092) including fixes for:
* CVE-2024-44070,CVE-2024-34088,CVE-2024-31951,CVE-2024-31950,
CVE-2024-31948,CVE-2024-27913,CVE-2023-47235,CVE-2023-47234,
CVE-2023-46753,CVE-2023-46752,CVE-2023-41909,CVE-2023-41360,
CVE-2023-41358,CVE-2023-38802,CVE-2023-38407,CVE-2023-38406,
CVE-2023-3748,CVE-2023-31490,CVE-2023-31489 and other bugfixes. See
https://frrouting.org/release/8.5.6/ for details.
The most recent frr 8.x series provides several new features, improvements and
bug fixes for various protocols and daemons, especially for PIM/PIMv6/BGP and
VRF support.
See https://frrouting.org/release/8.5/ for details and links.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4090=1 openSUSE-SLE-15.5-2024-4090=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4090=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-4090=1
* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4090=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libfrrzmq0-debuginfo-8.5.6-150500.4.30.1
* libfrrospfapiclient0-8.5.6-150500.4.30.1
* libfrrsnmp0-8.5.6-150500.4.30.1
* libfrrzmq0-8.5.6-150500.4.30.1
* libfrrfpm_pb0-8.5.6-150500.4.30.1
* libfrrcares0-8.5.6-150500.4.30.1
* libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-8.5.6-150500.4.30.1
* frr-devel-8.5.6-150500.4.30.1
* libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1
* libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-debuginfo-8.5.6-150500.4.30.1
* libfrr_pb0-8.5.6-150500.4.30.1
* frr-8.5.6-150500.4.30.1
* libmlag_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrrcares0-debuginfo-8.5.6-150500.4.30.1
* frr-debugsource-8.5.6-150500.4.30.1
* frr-debuginfo-8.5.6-150500.4.30.1
* libmlag_pb0-8.5.6-150500.4.30.1
* libfrr_pb0-debuginfo-8.5.6-150500.4.30.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libfrrzmq0-debuginfo-8.5.6-150500.4.30.1
* libfrrospfapiclient0-8.5.6-150500.4.30.1
* libfrrsnmp0-8.5.6-150500.4.30.1
* libfrrzmq0-8.5.6-150500.4.30.1
* libfrrfpm_pb0-8.5.6-150500.4.30.1
* libfrrcares0-8.5.6-150500.4.30.1
* libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-8.5.6-150500.4.30.1
* frr-devel-8.5.6-150500.4.30.1
* libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1
* libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-debuginfo-8.5.6-150500.4.30.1
* libfrr_pb0-8.5.6-150500.4.30.1
* frr-8.5.6-150500.4.30.1
* libmlag_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrrcares0-debuginfo-8.5.6-150500.4.30.1
* frr-debugsource-8.5.6-150500.4.30.1
* frr-debuginfo-8.5.6-150500.4.30.1
* libmlag_pb0-8.5.6-150500.4.30.1
* libfrr_pb0-debuginfo-8.5.6-150500.4.30.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libfrrzmq0-debuginfo-8.5.6-150500.4.30.1
* libfrrospfapiclient0-8.5.6-150500.4.30.1
* libfrrsnmp0-8.5.6-150500.4.30.1
* libfrrzmq0-8.5.6-150500.4.30.1
* libfrrfpm_pb0-8.5.6-150500.4.30.1
* libfrrcares0-8.5.6-150500.4.30.1
* libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-8.5.6-150500.4.30.1
* frr-devel-8.5.6-150500.4.30.1
* libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1
* libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-debuginfo-8.5.6-150500.4.30.1
* libfrr_pb0-8.5.6-150500.4.30.1
* frr-8.5.6-150500.4.30.1
* libmlag_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrrcares0-debuginfo-8.5.6-150500.4.30.1
* frr-debugsource-8.5.6-150500.4.30.1
* frr-debuginfo-8.5.6-150500.4.30.1
* libmlag_pb0-8.5.6-150500.4.30.1
* libfrr_pb0-debuginfo-8.5.6-150500.4.30.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libfrrzmq0-debuginfo-8.5.6-150500.4.30.1
* libfrrospfapiclient0-8.5.6-150500.4.30.1
* libfrrsnmp0-8.5.6-150500.4.30.1
* libfrrzmq0-8.5.6-150500.4.30.1
* libfrrfpm_pb0-8.5.6-150500.4.30.1
* libfrrcares0-8.5.6-150500.4.30.1
* libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-8.5.6-150500.4.30.1
* frr-devel-8.5.6-150500.4.30.1
* libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1
* libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrr0-debuginfo-8.5.6-150500.4.30.1
* libfrr_pb0-8.5.6-150500.4.30.1
* frr-8.5.6-150500.4.30.1
* libmlag_pb0-debuginfo-8.5.6-150500.4.30.1
* libfrrcares0-debuginfo-8.5.6-150500.4.30.1
* frr-debugsource-8.5.6-150500.4.30.1
* frr-debuginfo-8.5.6-150500.4.30.1
* libmlag_pb0-8.5.6-150500.4.30.1
* libfrr_pb0-debuginfo-8.5.6-150500.4.30.1
## References:
* https://www.suse.com/security/cve/CVE-2023-31489.html
* https://www.suse.com/security/cve/CVE-2023-31490.html
* https://www.suse.com/security/cve/CVE-2023-3748.html
* https://www.suse.com/security/cve/CVE-2023-38406.html
* https://www.suse.com/security/cve/CVE-2023-38407.html
* https://www.suse.com/security/cve/CVE-2023-38802.html
* https://www.suse.com/security/cve/CVE-2023-41358.html
* https://www.suse.com/security/cve/CVE-2023-41360.html
* https://www.suse.com/security/cve/CVE-2023-41909.html
* https://www.suse.com/security/cve/CVE-2023-46752.html
* https://www.suse.com/security/cve/CVE-2023-46753.html
* https://www.suse.com/security/cve/CVE-2023-47234.html
* https://www.suse.com/security/cve/CVE-2023-47235.html
* https://www.suse.com/security/cve/CVE-2024-27913.html
* https://www.suse.com/security/cve/CVE-2024-31948.html
* https://www.suse.com/security/cve/CVE-2024-31950.html
* https://www.suse.com/security/cve/CVE-2024-31951.html
* https://www.suse.com/security/cve/CVE-2024-34088.html
* https://www.suse.com/security/cve/CVE-2024-44070.html
* https://jira.suse.com/browse/PED-11092
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20241128/2f4e7238/attachment.htm>
More information about the sle-security-updates
mailing list