Issued:: 2023-10-05
Updated:: 2023-10-05

RHSA-2023:5464 - Security Advisory

Overview
Updated Packages

Synopsis

Important: frr security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for frr is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

Security Fix(es):

frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router (CVE-2023-38802)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

BZ - 2230983 - CVE-2023-38802 frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

CVEs

CVE-2023-38802

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
frr-7.0-5.el8_1.1.src.rpm	SHA-256: 634eab1e67d0b3996e5813cafe9873bd086719ce3274e6bc5b8b821ccb3916a5
ppc64le
frr-7.0-5.el8_1.1.ppc64le.rpm	SHA-256: e3e7eaeea57bf037dbf444a2f5ae1d463ff73b9401eaa1adbe15f812c5d3f3a9
frr-contrib-7.0-5.el8_1.1.ppc64le.rpm	SHA-256: 5ace72e90ffff01dd2fe935983d979601051fb2864b1eb480e2fa95c8dec3f20
frr-debuginfo-7.0-5.el8_1.1.ppc64le.rpm	SHA-256: 56816032cea8d1ead62227ad91629b570ec20f2742be5f88a176625ae730fe2a
frr-debugsource-7.0-5.el8_1.1.ppc64le.rpm	SHA-256: bde05927a4f70c21d848e840828e601c4ee6873e28a301104dbc9b950eb12d26

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
frr-7.0-5.el8_1.1.src.rpm	SHA-256: 634eab1e67d0b3996e5813cafe9873bd086719ce3274e6bc5b8b821ccb3916a5
x86_64
frr-7.0-5.el8_1.1.x86_64.rpm	SHA-256: 1c579fc91b44f60b98d5bfb5da797a02631c09b976669231b9060bbdf6176337
frr-contrib-7.0-5.el8_1.1.x86_64.rpm	SHA-256: e7888c42d95850bbd36805646a0e5c1c79b3a356f5e503955638a27b2feedb84
frr-debuginfo-7.0-5.el8_1.1.x86_64.rpm	SHA-256: 526ab7dbb3a3793445767878bdfb050493b1aec7ed1721aff98d67cf16b9917b
frr-debugsource-7.0-5.el8_1.1.x86_64.rpm	SHA-256: a7ed3e443b403b35221d1fde53815038732f6908933527f164229bcdbfb4187c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation