UbuntuUpdates.org

Package "frr"

Name: frr

Description:

FRRouting suite of internet protocols (BGP, OSPF, IS-IS, ...)

Latest version: 8.4.4-1.1ubuntu6.7
Release: noble (24.04)
Level: updates
Repository: main
Homepage: https://www.frrouting.org/

Other versions of "frr" in Noble

Repository Area Version
base universe 8.4.4-1.1ubuntu6
base main 8.4.4-1.1ubuntu6
security main 8.4.4-1.1ubuntu6.7
security universe 8.4.4-1.1ubuntu6.7
updates universe 8.4.4-1.1ubuntu6.7

Changelog

Version: 8.4.4-1.1ubuntu6.7 2026-06-03 18:07:42 UTC

  frr (8.4.4-1.1ubuntu6.7) noble-security; urgency=medium

  * SECURITY UPDATE: integer overflow in OSPF parsing
    - debian/patches/CVE-2026-28532.patch: ospfd: harden TE/SR TLV iteration
      against malformed lengths in ospfd/ospf_sr.c, ospfd/ospf_te.c.
    - CVE-2026-28532
  * SECURITY UPDATE: DoS via crafted FlowSpec component
    - debian/patches/CVE-2026-37457.patch: bgpd: fix off-by-one error in
      FlowSpec operator array bounds check in bgpd/bgp_flowspec_util.c.
    - CVE-2026-37457
  * SECURITY UPDATE: DoS via crafted UPDATE message
    - debian/patches/CVE-2026-37458.patch: bgpd: Validate MP_REACH_NLRI
      attribute against incorrect next-hop in bgpd/bgp_attr.c.
    - CVE-2026-37458

 -- Marc Deslauriers <email address hidden> Sat, 30 May 2026 11:43:02 -0400

CVE-2026-28532 FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a
CVE-2026-37457 An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 al
CVE-2026-37458 Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denia

Version: 8.4.4-1.1ubuntu6.6 2026-04-15 06:09:31 UTC

  frr (8.4.4-1.1ubuntu6.6) noble-security; urgency=medium

  * SECURITY UPDATE: Improper Access Controls
    - debian/patches/CVE-2026-5107.patch: Improve packet parsing for
      EVPN and ENCAP/VNC
    - CVE-2026-5107

 -- Bruce Cable <email address hidden> Fri, 10 Apr 2026 12:42:03 +1000

CVE-2026-5107 A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the compon

Version: 8.4.4-1.1ubuntu6.5 2026-02-17 22:08:21 UTC

  frr (8.4.4-1.1ubuntu6.5) noble-security; urgency=medium

  * SECURITY UPDATE: multiple ospf security issues
    - debian/patches/CVE-2025-61xxx-1.patch: add null check for vty_out in
      check_tlv_size in ospfd/ospf_ext.c.
    - debian/patches/CVE-2025-61xxx-2.patch: fix NULL Pointer Dereference
      when dumping link info in ospfd/ospf_ext.c.
    - debian/patches/CVE-2025-61xxx-3.patch: skip subsequent tlvs after
      invalid length in ospfd/ospf_ext.c, ospfd/ospf_ri.c, ospfd/ospf_te.c.
    - debian/patches/CVE-2025-61xxx-4.patch: reformat check_tlv_size macro
      in ospfd/ospf_ext.c, ospfd/ospf_ri.c, ospfd/ospf_te.c.
    - CVE-2025-61099, CVE-2025-61100, CVE-2025-61101, CVE-2025-61102,
      CVE-2025-61103, CVE-2025-61104, CVE-2025-61105, CVE-2025-61106,
      CVE-2025-61107

 -- Marc Deslauriers <email address hidden> Thu, 12 Feb 2026 09:42:08 -0500

CVE-2025-61099 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. Th
CVE-2025-61100 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c.
CVE-2025-61101 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_
CVE-2025-61102 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c
CVE-2025-61103 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_e
CVE-2025-61104 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. Thi
CVE-2025-61105 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This
CVE-2025-61106 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.
CVE-2025-61107 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.

Version: 8.4.4-1.1ubuntu6.4 2026-02-03 09:08:13 UTC

  frr (8.4.4-1.1ubuntu6.4) noble; urgency=medium

  * d/p/lp2113448-evpn-vxlan-macs: fix forgetting learned MACs on redundant
    EVPN over VXLAN links (LP: #2113448)

 -- Jonas Jelten <email address hidden> Mon, 20 Oct 2025 11:12:35 +0200

2113448 FRR forgets learned MACs on redundant EVPN over VXLAN links

Version: 8.4.4-1.1ubuntu6.3 2025-01-27 22:06:59 UTC

  frr (8.4.4-1.1ubuntu6.3) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service via route re-validation
    - debian/patches/CVE-2024-55553.patch: bgpd: Validate only affected
      RPKI prefixes instead of a full RIB.
    - Ubuntu note: Adjusted from backport of 7.5 to fit 8.4.4.
    - CVE-2024-55553

 -- John Breton <email address hidden> Fri, 24 Jan 2025 09:43:49 -0500

CVE-2024-55553 In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal sock
