Headline
Ubuntu Security Notice USN-6240-1
Ubuntu Security Notice 6240-1 - It was discovered that FRR incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service.
==========================================================================Ubuntu Security Notice USN-6240-1July 24, 2023frr vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.04Summary:FRR could be made to denial of service if it received aspecially crafted message.Software Description:- frr: FRRouting suite of internet protocolsDetails:It was discovered that FRR incorrectly handled certain messages.An attacker could possibly use this issue to cause a denial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.04: frr 8.4.2-1ubuntu1.2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6240-1 CVE-2023-3748Package Information: https://launchpad.net/ubuntu/+source/frr/8.4.2-1ubuntu1.2Related news
CVE-2023-3748: Invalid Bug ID
A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service.