Security update for quagga SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3426-1 Final 1 1 2024-09-24T16:42:36Z current 2024-09-24T16:42:36Z 2024-09-24T16:42:36Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for quagga This update for quagga fixes the following issues: - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. (bsc#1230866) - CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. (bsc#1229438) - CVE-2022-37032: out-of-bounds read when parsing a BGP capability message due to incorrect size check. (bsc#1202023) Bug fixes: - References to /var/adm/fillup-templates replaced with new %_fillupdir macro. (bsc#1069468) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3426,SUSE-SLE-SDK-12-SP5-2024-3426,SUSE-SLE-SERVER-12-SP5-2024-3426 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ Link for SUSE-SU-2024:3426-1 https://lists.suse.com/pipermail/sle-security-updates/2024-September/019517.html E-Mail link for SUSE-SU-2024:3426-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1069468 SUSE Bug 1069468 https://bugzilla.suse.com/1079798 SUSE Bug 1079798 https://bugzilla.suse.com/1079799 SUSE Bug 1079799 https://bugzilla.suse.com/1079800 SUSE Bug 1079800 https://bugzilla.suse.com/1079801 SUSE Bug 1079801 https://bugzilla.suse.com/1202023 SUSE Bug 1202023 https://bugzilla.suse.com/1229438 SUSE Bug 1229438 https://bugzilla.suse.com/1230866 SUSE Bug 1230866 https://www.suse.com/security/cve/CVE-2017-15865/ SUSE CVE CVE-2017-15865 page https://www.suse.com/security/cve/CVE-2018-5378/ SUSE CVE CVE-2018-5378 page https://www.suse.com/security/cve/CVE-2018-5379/ SUSE CVE CVE-2018-5379 page https://www.suse.com/security/cve/CVE-2018-5380/ SUSE CVE CVE-2018-5380 page https://www.suse.com/security/cve/CVE-2018-5381/ SUSE CVE CVE-2018-5381 page https://www.suse.com/security/cve/CVE-2022-37032/ SUSE CVE CVE-2022-37032 page https://www.suse.com/security/cve/CVE-2024-44070/ SUSE CVE CVE-2024-44070 page SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 12 SP5 libfpm_pb0-1.1.1-17.13.1 libospf0-1.1.1-17.13.1 libospfapiclient0-1.1.1-17.13.1 libquagga_pb0-1.1.1-17.13.1 libzebra1-1.1.1-17.13.1 quagga-1.1.1-17.13.1 quagga-devel-1.1.1-17.13.1 libfpm_pb0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libospf0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libospfapiclient0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libquagga_pb0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libzebra1-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 quagga-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server 12 SP5 libfpm_pb0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libospf0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libospfapiclient0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libquagga_pb0-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 libzebra1-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 quagga-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 quagga-devel-1.1.1-17.13.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492). CVE-2017-15865 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2017-15865.html CVE-2017-15865 https://bugzilla.suse.com/1230866 SUSE Bug 1230866 The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash. CVE-2018-5378 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 moderate 4.9 AV:N/AC:M/Au:S/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2018-5378.html CVE-2018-5378 https://bugzilla.suse.com/1079798 SUSE Bug 1079798 The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. CVE-2018-5379 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2018-5379.html CVE-2018-5379 https://bugzilla.suse.com/1079799 SUSE Bug 1079799 The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. CVE-2018-5380 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2018-5380.html CVE-2018-5380 https://bugzilla.suse.com/1079800 SUSE Bug 1079800 The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI, causing a denial of service. CVE-2018-5381 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2018-5381.html CVE-2018-5381 https://bugzilla.suse.com/1079801 SUSE Bug 1079801 An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. CVE-2022-37032 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2022-37032.html CVE-2022-37032 https://bugzilla.suse.com/1202023 SUSE Bug 1202023 An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. CVE-2024-44070 SUSE Linux Enterprise Server 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libfpm_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospf0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libospfapiclient0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libquagga_pb0-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:libzebra1-1.1.1-17.13.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:quagga-1.1.1-17.13.1 SUSE Linux Enterprise Software Development Kit 12 SP5:quagga-devel-1.1.1-17.13.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243426-1/ https://www.suse.com/security/cve/CVE-2024-44070.html CVE-2024-44070 https://bugzilla.suse.com/1229438 SUSE Bug 1229438