mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Zhang Peng
84ebedfcf4
CVE-2024-27913: ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows remote attackers to cause a denial of service (ospfd daemon crash) via a malformed OSPF LSA packet, because of an attempted access to a missing attribute field. CVE-2024-34088: In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service. CVE-2024-31950: In FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ri for OSPF LSA packets during an attempt to read Segment Routing subTLVs (their size is not validated). CVE-2024-31951: In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated). CVE-2024-31948: In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-27913] [https://nvd.nist.gov/vuln/detail/CVE-2024-34088] [https://nvd.nist.gov/vuln/detail/CVE-2024-31951] [https://nvd.nist.gov/vuln/detail/CVE-2024-31950] [https://nvd.nist.gov/vuln/detail/CVE-2024-31948] Upstream patches: [https://github.com/FRRouting/frr/commit/a73e66d07329d721f26f3f336f7735de420b0183] [https://github.com/FRRouting/frr/commit/8c177d69e32b91b45bda5fc5da6511fa03dc11ca] [https://github.com/FRRouting/frr/commit/5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a] [https://github.com/FRRouting/frr/commit/f69d1313b19047d3d83fc2b36a518355b861dfc4] [https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07] [https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138] Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta-networking
===============
This layer is intended to be a central point for networking-related
packages and configuration. It should be useful directly on top of
oe-core and compliments meta-openembedded. It should be primarily useful
to the following groups:
- Anyone building a small networking device (eg. a home router /
bridge / switch).
- Anyone wanting to add network services to their device (eg.
anything that might benefit from a small ftp/tftp server)
Dependencies
------------
This layer depends on:
URI: git://git.openembedded.org/openembedded-core
branch: kirkstone
For some recipes, the meta-oe layer is required:
URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-oe
branch: kirkstone
URI: git://git.openembedded.org/meta-openembedded
subdirectory: meta-python
branch: kirkstone
Maintenance
-----------
Layer maintainers: Armin Kuster <akuster808@gmail.com>
Please see the MAINTAINERS file for information on contacting the
maintainers of this layer, as well as instructions for submitting patches.