RHSA-2022:8112: Red Hat Security Advisory: frr security, bug fix, and enhancement update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-11-15

Updated:

2022-11-15

RHSA-2022:8112 - Security Advisory

• Overview
• Updated Packages

Synopsis

Moderate: frr security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for frr is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.

The following packages have been upgraded to a later upstream version: frr (8.2.2). (BZ#2069563)

Security Fix(es):

• frrouting: overflow bugs in unpack_tlv_router_cap (CVE-2022-26125)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Affected Products

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

• BZ - 2058628 - CVE-2022-26125 frrouting: overflow bugs in unpack_tlv_router_cap
• BZ - 2069563 - [RFE] Rebase frr to more recent version
• BZ - 2081304 - Enhanced TMT testing for centos-stream
• BZ - 2095404 - [RFE] frr use systemd-sysusers

References

• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Red Hat Enterprise Linux for x86_64 9

SRPM

frr-8.2.2-4.el9.src.rpm

SHA-256: e26091fcc4387704492e762f4168a40502e6e1c50a94d0c3567c3d766ce68082

x86_64

frr-8.2.2-4.el9.x86_64.rpm

SHA-256: d9050bb2ea77a4365cfe693624b1b461828bef62ce4f229cf0ae39137aaff322

frr-debuginfo-8.2.2-4.el9.x86_64.rpm

SHA-256: 2c6f490439fb3e33d07de9b51923719e17a471fd4d3d584cbf3b044feb12f7c8

frr-debugsource-8.2.2-4.el9.x86_64.rpm

SHA-256: 9cb07403133c9277a66e2711a19b1bf5bd1c45fc2d725b77acbc70481c87eb55

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

frr-8.2.2-4.el9.src.rpm

SHA-256: e26091fcc4387704492e762f4168a40502e6e1c50a94d0c3567c3d766ce68082

s390x

frr-8.2.2-4.el9.s390x.rpm

SHA-256: 552367a394c7821f7900800aa3d50210bd0d8f198316afc7a74abd173a65f042

frr-debuginfo-8.2.2-4.el9.s390x.rpm

SHA-256: 33fd5c1e8946fbed3a2215f63805bb7f7604804801b37f5434a48d7b7f7af9a3

frr-debugsource-8.2.2-4.el9.s390x.rpm

SHA-256: 3f5022d57fc0e2b135286289293317f88e6730f6709f155eaf1c5e388ddbeea9

Red Hat Enterprise Linux for Power, little endian 9

SRPM

frr-8.2.2-4.el9.src.rpm

SHA-256: e26091fcc4387704492e762f4168a40502e6e1c50a94d0c3567c3d766ce68082

ppc64le

frr-8.2.2-4.el9.ppc64le.rpm

SHA-256: 94ae0bd64325480928af97fbbcba964d08832a814f0b59bc6b00a2f3bb3ceeee

frr-debuginfo-8.2.2-4.el9.ppc64le.rpm

SHA-256: b0dc3a3af25f1a21493dd70d619e1f1fa78dcee6e1a6cc37fde97caac4f4951a

frr-debugsource-8.2.2-4.el9.ppc64le.rpm

SHA-256: 1580c7a33cae88611603bd773b8781a06bc9b23603d26bae3f7fd50a1b2093b6

Red Hat Enterprise Linux for ARM 64 9

SRPM

frr-8.2.2-4.el9.src.rpm

SHA-256: e26091fcc4387704492e762f4168a40502e6e1c50a94d0c3567c3d766ce68082

aarch64

frr-8.2.2-4.el9.aarch64.rpm

SHA-256: 4fb04979483a12894ee261b811815f7b9aa94c547c5ce47ddf0a37a8c8865f48

frr-debuginfo-8.2.2-4.el9.aarch64.rpm

SHA-256: c37cd56d0824893862da3a977ce7e4654fee482450913be75f2eb0cc65b9ad63

frr-debugsource-8.2.2-4.el9.aarch64.rpm

SHA-256: 4c1061b57add0a2895d85b58bda4124039071158124589331a9630b25f3b27dc

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.