CVE-2024-52949

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

References:

Package frr updated to version 10.2-alt1 for branch sisyphus_loongarch64.

Published: 2024-08-18

BDU:2024-06868

Уязвимость функции bgp_attr_encap() в файле bgpd/bgp_attr.c программного средства реализации сетевой маршрутизации на Unix-подобных системах FRRouting, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

CVE-2024-44070

Published: 2024-08-19
Modified: 2024-08-30

CVE-2024-44070

An issue was discovered in FRRouting (FRR) through 10.1. bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

https://github.com/FRRouting/frr/pull/16497

Package passes updated to version 0.10-alt2 for branch sisyphus_loongarch64.

Оптимизировать список зависимостей (BuildRequires)

Version: 2.1.0

Branch sisyphus_loongarch64 update on 2024-11-25

ALT-BU-2024-16152-1

ALT-PU-2024-16148-1

Closed vulnerabilities

CVE-2024-52949

ALT-PU-2024-16150-1

Closed vulnerabilities

BDU:2024-06868

CVE-2024-44070

ALT-PU-2024-16151-1

Closed bugs

Bug #51801