Several vulnerabilities were discovered in FRRouting (frr), a suite of internet routing protocol daemons. A remote attacker could trigger these issues by sending specially crafted protocol packets to a vulnerable daemon, resulting in denial of service (infinite loops, NULL pointer dereferences and crashes) or potentially the execution of arbitrary code through out-of-bounds reads and writes and buffer overflows. The flaws affect packet and attribute parsing in the BGP daemon (including FlowSpec, EVPN/VNC NLRI and MP_REACH_NLRI handling), the OSPF daemon (Traffic Engineering, Segment Routing and Opaque LSA processing) and the babeld daemon.
https://security-tracker.debian.org/tracker/DSA-6322-1

