{"id":"CLSA-2025-1762420748","summary":"frr: Fix of 4 CVEs","details":"- CVE-2023-41358: fix crash when processing NLRIs with zero\n  attribute length\n- CVE-2023-47235: fix EOR handling to avoid unwanted processing of\n  malformed attributes\n- CVE-2023-46753: fix mandatory attributes check for UPDATE messages\n  with unknown transit attributes\n- CVE-2023-47234: fix handling NLRIs when MP_UNREACH_NLRI received\n  without mandatory attributes","modified":"2026-06-01T00:31:15.401323904Z","published":"2025-11-06T09:19:11Z","upstream":["CVE-2023-41358","CVE-2023-47235","CVE-2023-46753","CVE-2023-47234"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1762420748.html"}],"affected":[{"package":{"name":"frr","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/frr?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.3.1-5.el9.2.alma.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762420748.json"}},{"package":{"name":"frr-selinux","ecosystem":"TuxCare:AlmaLinux:9.2","purl":"pkg:rpm/tuxcare/frr-selinux?distro=almalinux-9.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.3.1-5.el9.2.alma.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1762420748.json"}}],"schema_version":"1.7.5"}