frr-7.5.1-24.el8_10
エラータID: AXSA:2026-771:01
Release date:
Wednesday, June 10, 2026 - 09:24
Subject:
frr-7.5.1-24.el8_10
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD.
Security Fix(es):
* frr: denial of service via crafted FlowSpec component (CVE-2026-37457)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.
Solution:
Update packages.
CVEs:
CVE-2026-37457
An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.
An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.
Additional Info:
N/A
Download:
SRPMS
- frr-7.5.1-24.el8_10.src.rpm
MD5: 9acab81c2fdf1de68eda1a90220a0d51
SHA-256: e902177010b56b705cdb77219acee68f18674edd5373f9e9395d23b088bcfa71
Size: 6.44 MB
Asianux Server 8 for x86_64
- frr-7.5.1-24.el8_10.x86_64.rpm
MD5: 79b673dff32f87248b8dba7e8cea6f61
SHA-256: 39d6afc29851fe298d0a4b090aa33fc8cdcb19a8a013e67c694ba56186db03be
Size: 3.15 MB - frr-selinux-7.5.1-24.el8_10.noarch.rpm
MD5: fafd3265485655820c3d28b7e57e84d9
SHA-256: ff6c37f85f3df89eebec43f80d622edc479e18e266641b3b39f0b28a152c981f
Size: 26.70 kB