Test ID:	1.3.6.1.4.1.25623.1.1.12.2024.6807.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6807-1)
Summary:	The remote host is missing an update for the 'frr' package(s) announced via the USN-6807-1 advisory.
Description:	Summary: The remote host is missing an update for the 'frr' package(s) announced via the USN-6807-1 advisory. Vulnerability Insight: It was discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2022-26126, CVE-2022-26127, CVE-2022-26128, CVE-2022-26129, CVE-2022-37032, CVE-2022-37035, CVE-2023-31490, CVE-2023-38406, CVE-2023-38407, CVE-2023-46752, CVE-2023-46753, CVE-2023-47234, CVE-2023-47235, CVE-2024-31948) Ben Cartwright-Cox discovered that FRR incorrectly handled certain network traffic. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. (CVE-2023-38802) Affected Software/OS: 'frr' package(s) on Ubuntu 20.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-26126 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTYSAL4QCE4XWMMBKUB7LSLPAFLWUML4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XUCZR6RYQVZ35BFUV7OLIUEHZW2433I2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MIEQNIWUSBQTFR65HM2LLIB7PH27CZUZ/ https://github.com/FRRouting/frr/issues/10505 https://lists.debian.org/debian-lts-announce/2024/04/msg00019.html Common Vulnerability Exposure (CVE) ID: CVE-2022-26127 https://github.com/FRRouting/frr/issues/10487 Common Vulnerability Exposure (CVE) ID: CVE-2022-26128 https://github.com/FRRouting/frr/issues/10502 Common Vulnerability Exposure (CVE) ID: CVE-2022-26129 https://github.com/FRRouting/frr/issues/10503 Common Vulnerability Exposure (CVE) ID: CVE-2022-37032 Debian Security Information: DSA-5362 (Google Search) https://www.debian.org/security/2023/dsa-5362 https://github.com/FRRouting/frr/commit/6d58272b4cf96f0daa846210dd2104877900f921 https://github.com/FRRouting/frr/commit/ff6db1027f8f36df657ff2e5ea167773752537ed https://lists.debian.org/debian-lts-announce/2022/11/msg00039.html Common Vulnerability Exposure (CVE) ID: CVE-2022-37035 https://docs.google.com/document/d/1TqYEcZbFeDTMKe2N4XRFwyAjw_mynIHfvzwbx1fmJj8/edit?usp=sharing https://github.com/FRRouting/frr/issues/11698 Common Vulnerability Exposure (CVE) ID: CVE-2023-31490 Debian Security Information: DSA-5495 (Google Search) https://www.debian.org/security/2023/dsa-5495 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LMJNX44SMJM25JZO7XWHDQCOB4SNJPIE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXR6PIVY4SWO7HDT4EY733H4X32SCPM4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JLG64IF3FU7V76K4TKCCXVNEE6P2VUDO/ https://github.com/FRRouting/frr/issues/13099 https://lists.debian.org/debian-lts-announce/2023/09/msg00020.html Common Vulnerability Exposure (CVE) ID: CVE-2023-38406 https://github.com/FRRouting/frr/compare/frr-8.4.2...frr-8.4.3 https://github.com/FRRouting/frr/pull/12884 Common Vulnerability Exposure (CVE) ID: CVE-2023-38407 https://github.com/FRRouting/frr/compare/frr-8.5-rc...frr-8.5 https://github.com/FRRouting/frr/pull/12951 https://github.com/FRRouting/frr/pull/12956 Common Vulnerability Exposure (CVE) ID: CVE-2023-38802 https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling https://news.ycombinator.com/item?id=37305800 Common Vulnerability Exposure (CVE) ID: CVE-2023-46752 https://github.com/FRRouting/frr/pull/14645/commits/b08afc81c60607a4f736f418f2e3eb06087f1a35 Common Vulnerability Exposure (CVE) ID: CVE-2023-46753 https://github.com/FRRouting/frr/pull/14645/commits/d8482bf011cb2b173e85b65b4bf3d5061250cdb9 Common Vulnerability Exposure (CVE) ID: CVE-2023-47234 https://github.com/FRRouting/frr/pull/14716/commits/c37119df45bbf4ef713bc10475af2ee06e12f3bf Common Vulnerability Exposure (CVE) ID: CVE-2023-47235 https://github.com/FRRouting/frr/pull/14716/commits/6814f2e0138a6ea5e1f83bdd9085d9a77999900b Common Vulnerability Exposure (CVE) ID: CVE-2024-31948 https://github.com/FRRouting/frr/pull/15628 https://github.com/FRRouting/frr/pull/15628/commits/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.