|
|
Log in / Subscribe / Register

Ubuntu alert USN-8175-1 (frr)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-8175-1] FRR vulnerability


Date:
              Thu, 16 Apr 2026 01:15:07 +0000


Message-ID:
              <E1wDBJz-00052y-8R@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-8175-1
April 15, 2026

frr vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

FRR could allow unintended access to network services.

Software Description:
- frr: FRRouting suite of internet protocols

Details:

It was discovered that FRR did not correctly handle certain network
requests. A remote attacker could possibly use this issue to gain
unauthorized access to resources.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  frr                             10.4.1-3ubuntu1.2

Ubuntu 24.04 LTS
  frr                             8.4.4-1.1ubuntu6.6

Ubuntu 22.04 LTS
  frr                             8.1-1ubuntu1.15

Ubuntu 20.04 LTS
  frr                             7.2.1-1ubuntu0.2+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8175-1
  CVE-2026-5107

Package Information:
  https://launchpad.net/ubuntu/+source/frr/10.4.1-3ubuntu1.2
  https://launchpad.net/ubuntu/+source/frr/8.4.4-1.1ubuntu6.6
  https://launchpad.net/ubuntu/+source/frr/8.1-1ubuntu1.15




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmngKwkACgkQcpJm3tlz
hgEfQRAAiKF5wfFv6oqEKm45kxPX4YgMmw9gmoDcSdZ6bWDgrPqCSlxf9xiTwWzZ
+cOCberujp6vpV8XQ0qZr9gsBiiZzvrsTOkMhD07mLjtetcGvGwEmiSkCUlqNVqj
7YWRbC4NU5bbHg/NmfGqAZ3Ea2dqDE0K4Mrl831LZNOiJPtVondHhDY0bz+qMWps
SiqLmsvAevMs0kJQkv/0bV8d9HiXpQ42B9f0D7b05HIriWe8j5Yz9NfKF4iP9MR4
e36JJ4aLZYIeAJHMPlc7C+EgBFQ74HXkcz4Cv+ftzJhPJx97ydJ+eJgQmOMV0m+w
jVKdIeS+gloWOTxhdXrbMiBixR7cl6ovM+AysCIyEnd9r3BvUfa2qG+wjVD5Gzzj
Ws+AIfl2ci1QZkrLSHtUBMcugLX4tfnXYVDDGQWRbYU7BvPfTJhFmr7NpIWFFUdm
Wm3mSBf3fKmqjp7NjQ0vQR0jbkVCov+B1wEq220riv/SFZeb4n9gB1862tglY4DC
r0arpxPrLUdEJK10DQV/InOnXqJROyeJ35pDR7Wr732Vv23dx6ho+jprFKY2bW0S
jVwj9tKI05w53j8PVBatFicHb2TSqNP0C/96CqWlRoKQTB4NZBGLDQgRJ+t7F0ri
kym47fqf43xeGEneICvVV9EQG37AISKxCyrBq7orCEwjb9CYFPI=
=emtI
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds