USN-7230-2: FRR vulnerabilities
27 January 2025
FRR could be made to crash or exhibit degraded performance if it received specially crafted network traffic.
Releases
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
frr - FRRouting suite of internet protocols
Details
Iggy Frankovic discovered that FRR incorrectly handled certain BGP
messages. A remote attacker could possibly use this issue to cause FRR to
crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2024-44070)
It was discovered that FRR re-validated all routes in certain instances
when the internal socket’s buffer size overflowed. A remote attacker could
possibly use this issue to impact the performance of FRR, resulting in a
denial of service. (CVE-2024-55553)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.10
- frr - 10.0.1-0.1ubuntu3
Ubuntu 24.04
- frr - 8.4.4-1.1ubuntu6.3
Ubuntu 22.04
- frr - 8.1-1ubuntu1.13
Ubuntu 20.04
- frr - 7.2.1-1ubuntu0.2+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.