mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity
Files
e656a5b1817e074819c32b750ae4f5c6795971c6
meta-openembedded/meta-networking
T
History
Zhang Peng e656a5b181 frr: fix CVE-2024-55553 
CVE-2024-55553:
In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size
of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes.
An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing
more than this number of updates during an update interval (usually 30 minutes).
Additionally, this effect regularly occurs organically. Furthermore, an attacker can use this
to trigger route validation continuously. Given that routers with large full tables may need
more than 30 minutes to fully re-validate the table, continuous issuance/withdrawal of large numbers
of ROA may be used to impact the route handling performance of all FRR instances using RPKI globally.
Additionally, the re-validation will cause heightened BMP traffic to ingestors.
Fixed Versions: 10.0.3, 10.1.2, 10.2.1, >= 10.3.

Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-55553]

Upstream patches:
[https://github.com/FRRouting/frr/commit/b0800bfdf04b4fcf48504737ebfe4ba7f05268d3]

Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-11-21 11:06:13 +05:30
..
classes
waf-samba: replace oldincludedir
2024-04-14 08:38:42 -07:00
conf
Wolfssl: add ptest
2025-03-23 15:27:08 -04:00
dynamic-layers/meta-python
system-config-printer: fix runtime for system-config-printer
2024-01-28 08:39:17 -08:00
files
ntp: Add missing 'ntp' static group id
2024-02-17 10:26:58 -08:00
licenses
meta-networking/licenses/netperf: remove unused license
2023-04-28 06:59:50 -07:00
recipes-connectivity
mbedtls: update SRC_URI branch
2025-11-12 11:32:47 +05:30
recipes-core
Wolfssl: add ptest
2025-03-23 15:27:08 -04:00
recipes-daemons
squid: patch CVE-2025-62168
2025-11-17 11:50:20 +05:30
recipes-devtools
libcoap: patch CVE-2024-31031
2025-08-02 13:37:04 -04:00
recipes-extended
kronosnet: Fetch version tag with BB_GIT_SHALLOW_EXTRA_REFS
2025-11-12 11:14:57 +05:30
recipes-filter
arno-iptables-firewall: upgrade 2.1.1 -> 2.1.1a
2025-11-12 11:14:57 +05:30
recipes-irc
znc: Fix buildpaths QA errors
2024-08-10 11:21:45 -04:00
recipes-kernel/wireguard
wireguard-tools: fix do_fetch error
2024-11-09 14:31:19 -05:00
recipes-protocols
frr: fix CVE-2024-55553
2025-11-21 11:06:13 +05:30
recipes-support
unbound: fix SRC_URI
2025-11-12 11:38:29 +05:30
COPYING.MIT
MAINTAINERS
meta-openemnedded: Add myself as scarthgap maintainer
2024-03-27 20:07:53 -07:00
README.md
meta-openemnedded: Add myself as scarthgap maintainer
2024-03-27 20:07:53 -07:00

README.md

meta-networking

This layer is intended to be a central point for networking-related packages and configuration. It should be useful directly on top of oe-core and compliments meta-openembedded. It should be primarily useful to the following groups:

  - Anyone building a small networking device (eg. a home router /
    bridge / switch).

  - Anyone wanting to add network services to their device (eg.
    anything that might benefit from a small ftp/tftp server)

Dependencies

This layer depends on:

URI: git://git.openembedded.org/openembedded-core branch: Scarthgap

For some recipes, the meta-oe layer is required:

URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-oe branch: Scarthgap

URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-python branch: Scarthgap

Maintenance

Stable Layer maintainer: Armin Kuster akuster808@gmail.com

Please see the MAINTAINERS file for information on contacting the maintainers of this layer, as well as instructions for submitting patches.

Reference in New Issue View Git Blame Copy Permalink