frr (SUSE:Linux Enterprise Module for Server Applications 15 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Server Applications 15 SP3 package frr, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2022-37032 — CVSS 9.1 (critical): An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in…
CVE-2022-37035 — CVSS 8.1 (high): An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a…
CVE-2022-26127 — CVSS 7.8 (high): A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the…
CVE-2022-26125 — CVSS 7.8 (high): Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c.
CVE-2022-26129 — CVSS 7.8 (high): Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions…
CVE-2022-26128 — CVSS 7.8 (high): A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the…
CVE-2022-26126 — CVSS 7.8 (high): Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in…